quicwg · martinthomson · Dec 10, 2020 · Nov 19, 2020 · Nov 19, 2020 · Nov 19, 2020
diff --git a/draft-ietf-quic-tls.md b/draft-ietf-quic-tls.md
@@ -195,7 +195,8 @@ TLS provides two basic handshake modes of interest to QUIC:
  * A 0-RTT handshake, in which the client uses information it has previously
    learned about the server to send Application Data immediately.  This
    Application Data can be replayed by an attacker so 0-RTT is not suitable for
-   carrying instructions that might initiate any non-idempotent action.
+   carrying instructions that might initiate any action that could cause
+   unwanted effects if replayed.
 
 A simplified TLS handshake with 0-RTT application data is shown in {{tls-full}}.
 
@@ -1288,7 +1289,8 @@ that is in use.
 An application protocol that uses QUIC MUST include a profile that defines
 acceptable use of 0-RTT; otherwise, 0-RTT can only be used to carry QUIC frames
 that do not carry application data. For example, a profile for HTTP is
-described in {{?HTTP-REPLAY=RFC8740}}.
+described in {{?HTTP-REPLAY=RFC8470}} and used for HTTP/3; see Section 10.9 of
+{{QUIC-HTTP}}.
 
 Though replaying packets might result in additional connection attempts, the
 effect of processing replayed frames that do not carry application data is