From b4ced77c6526b977192e1daf49f2512773d354c8 Mon Sep 17 00:00:00 2001
From: Marten Seemann <martenseemann@gmail.com>
Date: Sat, 17 Aug 2019 10:33:31 +0700
Subject: [PATCH 1/2] forbid empty NEW_TOKEN frames

---
 draft-ietf-quic-transport.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md
index 0a1eea8873..5d96a53a41 100644
--- a/draft-ietf-quic-transport.md
+++ b/draft-ietf-quic-transport.md
@@ -4843,7 +4843,8 @@ Token Length:
 
 Token:
 
-: An opaque blob that the client may use with a future Initial packet.
+: An opaque blob that the client may use with a future Initial packet. The token
+  MUST NOT be empty.
 
 
 ## STREAM Frames {#frame-stream}

From c22d6ce3bcb1dbbe0164cf7895f229fe8a07f873 Mon Sep 17 00:00:00 2001
From: Martin Thomson <mt@lowentropy.net>
Date: Fri, 13 Sep 2019 14:19:32 +1000
Subject: [PATCH 2/2] Add an explicit error code for an empty token

---
 draft-ietf-quic-transport.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md
index 5d96a53a41..989e4870f4 100644
--- a/draft-ietf-quic-transport.md
+++ b/draft-ietf-quic-transport.md
@@ -4844,7 +4844,8 @@ Token Length:
 Token:
 
 : An opaque blob that the client may use with a future Initial packet. The token
-  MUST NOT be empty.
+  MUST NOT be empty.  An endpoint MUST treat receipt of a NEW_TOKEN frame with
+  an empty Token field as a connection error of type FRAME_ENCODING_ERROR.
 
 
 ## STREAM Frames {#frame-stream}