target = "https://www.rfc-editor.org/rfc/rfc9000#section-10.3.1"

# 10.3.1.  Detecting a Stateless Reset
#
# An endpoint detects a potential Stateless Reset using the trailing 16
# bytes of the UDP datagram.  An endpoint remembers all stateless reset
# tokens associated with the connection IDs and remote addresses for
# datagrams it has recently sent.  This includes Stateless Reset Token
# field values from NEW_CONNECTION_ID frames and the server's transport
# parameters but excludes stateless reset tokens associated with
# connection IDs that are either unused or retired.  The endpoint
# identifies a received datagram as a Stateless Reset by comparing the
# last 16 bytes of the datagram with all stateless reset tokens
# associated with the remote address on which the datagram was
# received.
# 
# This comparison can be performed for every inbound datagram.
# Endpoints MAY skip this check if any packet from a datagram is
# successfully processed.  However, the comparison MUST be performed
# when the first packet in an incoming datagram either cannot be
# associated with a connection or cannot be decrypted.
# 
# An endpoint MUST NOT check for any stateless reset tokens associated
# with connection IDs it has not used or for connection IDs that have
# been retired.
# 
# When comparing a datagram to stateless reset token values, endpoints
# MUST perform the comparison without leaking information about the
# value of the token.  For example, performing this comparison in
# constant time protects the value of individual stateless reset tokens
# from information leakage through timing side channels.  Another
# approach would be to store and compare the transformed values of
# stateless reset tokens instead of the raw token values, where the
# transformation is defined as a cryptographically secure pseudorandom
# function using a secret key (e.g., block cipher, Hashed Message
# Authentication Code (HMAC) [RFC2104]).  An endpoint is not expected
# to protect information about whether a packet was successfully
# decrypted or the number of valid stateless reset tokens.
# 
# If the last 16 bytes of the datagram are identical in value to a
# stateless reset token, the endpoint MUST enter the draining period
# and not send any further packets on this connection.

[[spec]]
level = "MAY"
quote = '''
Endpoints MAY skip this check if any packet from a datagram is
successfully processed.
'''

[[spec]]
level = "MUST"
quote = '''
However, the comparison MUST be performed
when the first packet in an incoming datagram either cannot be
associated with a connection or cannot be decrypted.
'''

[[spec]]
level = "MUST"
quote = '''
An endpoint MUST NOT check for any stateless reset tokens associated
with connection IDs it has not used or for connection IDs that have
been retired.
'''

[[spec]]
level = "MUST"
quote = '''
When comparing a datagram to stateless reset token values, endpoints
MUST perform the comparison without leaking information about the
value of the token.
'''

[[spec]]
level = "MUST"
quote = '''
If the last 16 bytes of the datagram are identical in value to a
stateless reset token, the endpoint MUST enter the draining period
and not send any further packets on this connection.
'''