describe how 0-RTT is accepted and rejected

quicwg · Jun 24, 2019 · 1585f08 · 1585f08
1 parent 4d38e6f
commit 1585f08
Showing 1 changed file with 9 additions and 4 deletions.
diff --git a/draft-ietf-quic-tls.md b/draft-ietf-quic-tls.md
@@ -618,11 +618,16 @@ application data, a server MUST treat receiving early data on the TLS connection
 as a connection error of type PROTOCOL_VIOLATION.
 
 
-## Rejecting 0-RTT
+## Accepting and rejecting 0-RTT
 
-A server rejects 0-RTT by rejecting 0-RTT at the TLS layer.  This also prevents
-QUIC from sending 0-RTT data. A server will always reject 0-RTT if it sends a
-TLS HelloRetryRequest.
+A server accepts 0-RTT by sending the EarlyDataIndication in the ServerHello
+(see Section 4.10.2 of {{!TLS13}}). A server that accepts 0-RTT MUST process and
+acknowledge all 0-RTT packets that it receives.
+
+A server rejects 0-RTT by sending a ServerHello with the EarlyDataIndication.
+When rejecting 0-RTT, a server MUST NOT process any 0-RTT packets, even if it is
+in possesion of the keys to do so. A server will always reject 0-RTT if it sends
+a TLS HelloRetryRequest.
 
 When 0-RTT is rejected, all connection characteristics that the client assumed
 might be incorrect.  This includes the choice of application protocol, transport