quicwg · MikeBishop · Nov 9, 2020 · Nov 9, 2020 · Nov 9, 2020 · Nov 9, 2020
diff --git a/draft-ietf-quic-transport.md b/draft-ietf-quic-transport.md
@@ -1928,10 +1928,14 @@ consider the peer address to have been validated.
 
 Additionally, an endpoint MAY consider the peer address validated if the peer
 uses a connection ID chosen by the endpoint and the connection ID contains at
-least 64 bits of entropy. A client can consider the server address validated on
-successfully processing any packet received from the server, since for
-encrypting its Initial packets, the server uses the Destination Connection ID
-field from the client's first Initial packet; see Section 5.2 of {{QUIC-TLS}}.
+least 64 bits of entropy.
+
+For the client, the value of the Destination Connection ID field in its first
+Initial packet allows it to validate the server address as a part of
+successfully processing any packet.  Initial packets from the server are
+protected with keys that are derived from this value (see Section 5.2 of
+{{QUIC-TLS}}).  Alternatively, the value is echoed by the server in Retry and
+Version Negotiation packets.
 
 Prior to validating the client address, servers MUST NOT send more than three
 times as many bytes as the number of bytes they have received.  This limits the