target = "https://www.rfc-editor.org/rfc/rfc9001#section-4.8"

# 4.8.  TLS Errors
#
# If TLS experiences an error, it generates an appropriate alert as
# defined in Section 6 of [TLS13].
# 
# A TLS alert is converted into a QUIC connection error.  The
# AlertDescription value is added to 0x0100 to produce a QUIC error
# code from the range reserved for CRYPTO_ERROR; see Section 20.1 of
# [QUIC-TRANSPORT].  The resulting value is sent in a QUIC
# CONNECTION_CLOSE frame of type 0x1c.
# 
# QUIC is only able to convey an alert level of "fatal".  In TLS 1.3,
# the only existing uses for the "warning" level are to signal
# connection close; see Section 6.1 of [TLS13].  As QUIC provides
# alternative mechanisms for connection termination and the TLS
# connection is only closed if an error is encountered, a QUIC endpoint
# MUST treat any alert from TLS as if it were at the "fatal" level.
# 
# QUIC permits the use of a generic code in place of a specific error
# code; see Section 11 of [QUIC-TRANSPORT].  For TLS alerts, this
# includes replacing any alert with a generic alert, such as
# handshake_failure (0x0128 in QUIC).  Endpoints MAY use a generic
# error code to avoid possibly exposing confidential information.

[[spec]]
level = "MUST"
quote = '''
As QUIC provides
alternative mechanisms for connection termination and the TLS
connection is only closed if an error is encountered, a QUIC endpoint
MUST treat any alert from TLS as if it were at the "fatal" level.
'''

[[spec]]
level = "MAY"
quote = '''
Endpoints MAY use a generic
error code to avoid possibly exposing confidential information.
'''