* properly chose the highest version supported on the server, instead of
chosing the first that match.
* use the client version in the RSA client exchange instead of the negotiated version
* delay hashing mechanism to serverHello message so that choosing MD5SHA1 or SHA256
is done after the server chose the version.