target = "https://www.rfc-editor.org/rfc/rfc9001#section-4.5"

# 4.5.  Session Resumption
#
# QUIC can use the session resumption feature of TLS 1.3.  It does this
# by carrying NewSessionTicket messages in CRYPTO frames after the
# handshake is complete.  Session resumption can be used to provide
# 0-RTT and can also be used when 0-RTT is disabled.
# 
# Endpoints that use session resumption might need to remember some
# information about the current connection when creating a resumed
# connection.  TLS requires that some information be retained; see
# Section 4.6.1 of [TLS13].  QUIC itself does not depend on any state
# being retained when resuming a connection unless 0-RTT is also used;
# see Section 7.4.1 of [QUIC-TRANSPORT] and Section 4.6.1.  Application
# protocols could depend on state that is retained between resumed
# connections.
# 
# Clients can store any state required for resumption along with the
# session ticket.  Servers can use the session ticket to help carry
# state.
# 
# Session resumption allows servers to link activity on the original
# connection with the resumed connection, which might be a privacy
# issue for clients.  Clients can choose not to enable resumption to
# avoid creating this correlation.  Clients SHOULD NOT reuse tickets as
# that allows entities other than the server to correlate connections;
# see Appendix C.4 of [TLS13].

[[spec]]
level = "SHOULD"
quote = '''
Clients SHOULD NOT reuse tickets as
that allows entities other than the server to correlate connections;
see Appendix C.4 of [TLS13].
'''