target = "https://www.rfc-editor.org/rfc/rfc9001#section-4.9"

# 4.9.  Discarding Unused Keys
#
# After QUIC has completed a move to a new encryption level, packet
# protection keys for previous encryption levels can be discarded.
# This occurs several times during the handshake, as well as when keys
# are updated; see Section 6.
# 
# Packet protection keys are not discarded immediately when new keys
# are available.  If packets from a lower encryption level contain
# CRYPTO frames, frames that retransmit that data MUST be sent at the
# same encryption level.  Similarly, an endpoint generates
# acknowledgments for packets at the same encryption level as the
# packet being acknowledged.  Thus, it is possible that keys for a
# lower encryption level are needed for a short time after keys for a
# newer encryption level are available.
# 
# An endpoint cannot discard keys for a given encryption level unless
# it has received all the cryptographic handshake messages from its
# peer at that encryption level and its peer has done the same.
# Different methods for determining this are provided for Initial keys
# (Section 4.9.1) and Handshake keys (Section 4.9.2).  These methods do
# not prevent packets from being received or sent at that encryption
# level because a peer might not have received all the acknowledgments
# necessary.
# 
# Though an endpoint might retain older keys, new data MUST be sent at
# the highest currently available encryption level.  Only ACK frames
# and retransmissions of data in CRYPTO frames are sent at a previous
# encryption level.  These packets MAY also include PADDING frames.

[[spec]]
level = "MUST"
quote = '''
If packets from a lower encryption level contain
CRYPTO frames, frames that retransmit that data MUST be sent at the
same encryption level.
'''

[[spec]]
level = "MUST"
quote = '''
Though an endpoint might retain older keys, new data MUST be sent at
the highest currently available encryption level.
'''

[[spec]]
level = "MAY"
quote = '''
These packets MAY also include PADDING frames.
'''