Figure out how to solve version rollback completely
Created by: tcz001
The OTRv2 and v3 is doing version according to the query message
?OTRv3?, we should consider downgrade attack if MITM has capability to change this header.
Or, once we have otr4, we should also consider the deprecation of otr3/otr2 when we have otr5.
A version rollback may require key management for all versions, so that it can be able to handle different implementations AKE.
According to the TLS spec, we may also need statement rules like, implementation SHOULD/SHOULDNOT/MUST/MUSTNOT/CAN/SUGGESTED do something.