target = "https://www.rfc-editor.org/rfc/rfc9001#section-4.6.2"

# 4.6.2.  Accepting and Rejecting 0-RTT
#
# A server accepts 0-RTT by sending an early_data extension in the
# EncryptedExtensions; see Section 4.2.10 of [TLS13].  The server then
# processes and acknowledges the 0-RTT packets that it receives.
# 
# A server rejects 0-RTT by sending the EncryptedExtensions without an
# early_data extension.  A server will always reject 0-RTT if it sends
# a TLS HelloRetryRequest.  When rejecting 0-RTT, a server MUST NOT
# process any 0-RTT packets, even if it could.  When 0-RTT was
# rejected, a client SHOULD treat receipt of an acknowledgment for a
# 0-RTT packet as a connection error of type PROTOCOL_VIOLATION, if it
# is able to detect the condition.
# 
# When 0-RTT is rejected, all connection characteristics that the
# client assumed might be incorrect.  This includes the choice of
# application protocol, transport parameters, and any application
# configuration.  The client therefore MUST reset the state of all
# streams, including application state bound to those streams.
# 
# A client MAY reattempt 0-RTT if it receives a Retry or Version
# Negotiation packet.  These packets do not signify rejection of 0-RTT.

[[spec]]
level = "MUST"
quote = '''
When rejecting 0-RTT, a server MUST NOT
process any 0-RTT packets, even if it could.
'''

[[spec]]
level = "SHOULD"
quote = '''
When 0-RTT was
rejected, a client SHOULD treat receipt of an acknowledgment for a
0-RTT packet as a connection error of type PROTOCOL_VIOLATION, if it
is able to detect the condition.
'''

[[spec]]
level = "MUST"
quote = '''
The client therefore MUST reset the state of all
streams, including application state bound to those streams.
'''

[[spec]]
level = "MAY"
quote = '''
A client MAY reattempt 0-RTT if it receives a Retry or Version
Negotiation packet.
'''