Editorial suggestions from Benjamin Kaduk (transport) #4597

Merged
merged 8 commits into from Jan 11, 2021
21 changes: 10 additions & 11 deletions draft-ietf-quic-transport.md
Expand Up @@ -204,8 +204,7 @@ This document describes the core QUIC protocol and is structured as follows:
- {{error-codes}} (Errors).

Accompanying documents describe QUIC's loss detection and congestion control
{{QUIC-RECOVERY}}, and the use of cryptographic mechanisms, including the use
of TLS for key negotiation {{QUIC-TLS}}.
{{QUIC-RECOVERY}}, and the use of TLS and other cryptographic mechanisms {{QUIC-TLS}}.

This document defines QUIC version 1, which conforms to the protocol invariants
in {{QUIC-INVARIANTS}}.
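Review bot: the replacement line "{{QUIC-RECOVERY}}, and the use of TLS and other cryptographic mechanisms {{QUIC-TLS}}." runs to about 86 columns, while the surrounding paragraph wraps before 80; please rewrap it. The shorter wording also drops the statement that TLS is used for key negotiation. If that detail is meant to stay in the introduction, something like "the use of TLS for key negotiation and other cryptographic mechanisms" keeps it without the repeated "the use of".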
Expand Down Expand Up @@ -1529,9 +1528,9 @@ Initial (CRYPTO)
<---------- 1-RTT (*)
Handshake (CRYPTO)
1-RTT (*) ---------->
<---------- 1-RTT (HANDSHAKE_DONE,*)
<---------- 1-RTT (HANDSHAKE_DONE)

1-RTT ( <=========> 1-RTT
1-RTT <=========> 1-RTT
~~~
{: #fig-hs title="Simplified QUIC Handshake"}

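Review bot: in the handshake figure, the server's line now reads "1-RTT (HANDSHAKE_DONE)" while the two earlier 1-RTT lines keep "(*)". If the asterisk marks packets that can carry other frames as well, removing it here reads as if the packet carrying HANDSHAKE_DONE contains nothing else; please confirm that is the intended meaning or say so in the text that explains the figure. Removing the stray "(" from the last line is correct; check that the columns still line up in the rendered figure after the edit.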
Expand Down Expand Up @@ -1653,7 +1652,7 @@ received a valid Initial packet from the server, it MUST discard any subsequent
packet it receives on that connection with a different Source Connection ID.

A client MUST change the Destination Connection ID it uses for sending packets
in response to only the first received Initial and/or Retry packet(s). A server MUST
in response to only the first received Initial or Retry packet. A server MUST
set the Destination Connection ID it uses for sending packets based on the first
received Initial packet. Any further changes to the Destination Connection ID
are only permitted if the values are taken from NEW_CONNECTION_ID frames; if
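Review bot: "in response to only the first received Initial or Retry packet" can now be read as permitting a single change in total, whichever of the two packet types arrives first. The removed wording, "Initial and/or Retry packet(s)", allowed a change for each. If a client is expected to update the Destination Connection ID once for a Retry and once more for the first Initial, say so explicitly, for example "in response to only the first received Initial packet and the first received Retry packet", rather than relying on "or" to carry that meaning in a MUST-level requirement.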
Expand Down Expand Up @@ -2518,8 +2517,7 @@ path, giving it the ability to observe or drop all subsequent packets.

This style of attack relies on the attacker using a path that has approximately
the same characteristics as the direct path between endpoints. The attack is
more reliable if relatively few packets are sent or if packet loss (that might
be deliberately triggered by an attacker) coincides
more reliable if relatively few packets are sent or if packet loss coincides
with the attempted attack.

A non-probing packet received on the original path that increases the maximum
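Review bot: the removed parenthetical, "(that might be deliberately triggered by an attacker)", was the only place in this paragraph stating that the packet loss that makes the attack more reliable can be induced by the attacker rather than being incidental. In a passage describing an attack, that is useful to implementers deciding how much weight to give the scenario; consider keeping it as a separate short sentence if the concern was only the length of the parenthetical. The remaining text also leaves a short orphan line, "with the attempted attack.", which could be rewrapped into the line above.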
Expand Down Expand Up @@ -3621,7 +3619,7 @@ connection can usually appear in packets in any packet number space, whereas
those associated with transferring data can only appear in the application
data packet number space:

- PADDING and PING frames MAY appear in any packet number space.
- PADDING, PING, and CRYPTO frames MAY appear in any packet number space.

- CONNECTION_CLOSE frames signaling errors at the QUIC layer (type 0x1c) MAY
appear in any packet number space. CONNECTION_CLOSE frames signaling
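Review bot: adding CRYPTO to "PADDING, PING, and CRYPTO frames MAY appear in any packet number space" changes a statement that uses the keyword MAY, in a pull request titled as editorial suggestions. Please confirm that this matches what the frame definitions elsewhere in the document already permit, so that the bullet only summarizes existing rules and does not introduce a new permission. It may also help to note that "packet number space" is not the same as "packet type", since readers often conflate the two when reading this list.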
Expand Down Expand Up @@ -4203,7 +4201,7 @@ meet size constraints; the endpoint MAY however discard such datagrams.

A client MUST expand the payload of all UDP datagrams carrying Initial packets
to at least the smallest allowed maximum datagram size of 1200 bytes by adding
PADDING frames to the Initial packet and/or by coalescing the Initial packet; see
PADDING frames to the Initial packet or by coalescing the Initial packet; see
{{packet-coalesce}}. Similarly, a server MUST expand the payload of all UDP
datagrams carrying ack-eliciting Initial packets to at least the smallest
allowed maximum datagram size of 1200 bytes. Sending UDP datagrams of this size
Expand Down Expand Up @@ -6627,7 +6625,8 @@ ensures that valid packets are only generated by endpoints that possess the
key material established during the handshake; see {{handshake}} and
{{handshake-properties}}. Similarly, any active attacker that observes packets
and attempts to insert new data or modify existing data in those packets should
not be able to generate non-Initial packets deemed valid by the receiving endpoint.
not be able to generate packets deemed valid by the receiving endpoint,
other than Initial packets.

A spoofing attack, in which an active attacker rewrites unprotected parts of a
packet that it forwards or injects, such as the source or destination
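Review bot: in "not be able to generate packets deemed valid by the receiving endpoint, other than Initial packets", the trailing clause sits a long way from the noun it qualifies and can be misread on a first pass. Since this sentence states the protocol's integrity guarantee against an active attacker, consider "should not be able to generate packets, other than Initial packets, that are deemed valid by the receiving endpoint", and add a cross-reference explaining why Initial packets are excepted, as the preceding sentence does with {{handshake}} and {{handshake-properties}}.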
Expand Down Expand Up @@ -6885,7 +6884,7 @@ supports. An endpoint MAY skip packet numbers when sending packets to detect
this behavior. An endpoint can then immediately close the connection with a
connection error of type PROTOCOL_VIOLATION; see {{immediate-close}}.
Note that introducing artificial gaps might increase the size of the
returned ACK packets in a manner that scales roughly llinearly with the
returned ACK packets in a manner that scales roughly linearly with the
number of gaps introduced, so fewer, larger, gaps may be more efficient.

