From 835490f5b5d268afe36b22be81d346e96eeb54da Mon Sep 17 00:00:00 2001 From: ianswett Date: Fri, 6 Sep 2019 17:13:11 -0400 Subject: [PATCH] Update draft-ietf-quic-tls.md Co-Authored-By: Martin Thomson --- draft-ietf-quic-tls.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/draft-ietf-quic-tls.md b/draft-ietf-quic-tls.md index f62f16b6e6..16e809cd9a 100644 --- a/draft-ietf-quic-tls.md +++ b/draft-ietf-quic-tls.md @@ -805,7 +805,8 @@ The HKDF-Expand-Label function defined in TLS 1.3 MUST be used for Initial packets even where the TLS versions offered do not include TLS 1.3. The secrets used for protecting Initial packets do not change during the -connection, even after receiving a Retry. A server that sends a Retry +connection, even though the destination connection ID in client Initial packets +changes after receiving a Retry. A server that sends a Retry therefore needs to either remember the original connection ID and Initial protection keys or save the original connection ID in the Retry token.
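Review bot: In the added sentence (the two `+` lines of the hunk at -805,7 +805,8), "changes after receiving a Retry" does not say who receives the Retry. The paragraph also never states which connection ID the Initial secrets are tied to, so the "therefore" in the following sentence has nothing explicit to follow from. Suggest "even though the destination connection ID in client Initial packets changes after the client receives a Retry", plus a clause saying the secrets remain tied to the original connection ID, which is what the unchanged context ("remember the original connection ID and Initial protection keys") appears to rely on. As a style point, the second added line stops short at "A server that sends a Retry"; rewrapping the paragraph would keep it consistent with the surrounding lines.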