Prohibit acknowledgement of packets with echoed packet numbers

draft-ietf-quic-transport.md

@@ -522,6 +522,10 @@ from the triggering client packet.  This allows clients some assurance that the
 server received the packet and that the Version Negotiation packet was not
 carried in a packet with a spoofed source address.
 
+A Version Negotiation packet is never explicitly acknowledged in an ACK frame by
+a client.  Receiving another Client Initial packet implicitly acknowledges a
+Version Negotiation packet.
+
 The payload of the Version Negotiation packet is a list of 32-bit versions which
 the server supports, as shown below.
 
@@ -595,6 +599,10 @@ The packet number and connection ID fields echo the corresponding fields from
 the triggering client packet.  This allows a client to verify that the server
 received its packet.
 
+A Server Stateless Retry packet is never explicitly acknowledged in an ACK frame
+by a client.  Receiving another Client Initial packet implicitly acknowledges a
+Server Stateless Retry packet.
+
 After receiving a Server Stateless Retry packet, the client uses a new Client
 Initial packet containing the next cryptographic handshake message.  The client
 retains the state of its cryptographic handshake, but discards all transport
@@ -1927,6 +1935,10 @@ Unlike TCP SACKs, QUIC ACK blocks are irrevocable.  Once a packet has
 been acknowledged, even if it does not appear in a future ACK frame,
 it remains acknowledged.
 
+A client MUST NOT acknowledge Version Negotiation or Server Stateless Retry
+packets.  These packet types contain packet numbers selected by the client, not
+the server.
+
 QUIC ACK frames contain a timestamp section with up to 255 timestamps.
 Timestamps enable better congestion control, but are not required for correct
 loss recovery, and old timestamps are less valuable, so it is not guaranteed