Move stateless reset token to the end

draft-ietf-quic-transport.md

@@ -1576,9 +1576,9 @@ The Packet Number field is set to a randomized value.  The server SHOULD send a
 packet with a short header and a type of 0x01.  This produces the shortest
 possible packet number encoding, which minimizes the perceived gap between the
 last packet that the server sent and this packet.  A server MAY use a different
-short header type, indicating a different packet number length, but this allows
-for the message to be identified as a stateless reset more easily using
-heuristics.
+short header type, indicating a different packet number length, but a longer
+packet number encoding might allow this message to be identified as a stateless
+reset more easily using heuristics.
 
 After the first short header octet and optional connection ID, the server
 includes the value of the Stateless Reset Token that it included in its
@@ -1604,10 +1604,9 @@ A client detects a potential stateless reset when a packet with a short header
 either cannot be decrypted or is marked as a potential duplicate.  The client
 then performs a constant-time comparison of the last 16 octets of the packet
 with the Stateless Reset Token provided by the server in its transport
-parameters.  If this comparison is successful, the connection MUST be terminated
-immediately, with the client entering the draining period.  The client MUST NOT
-send any further packets on this connection after receiving a stateless
-reset. If the comparison is unsuccessful, the packet can be discarded.
+parameters.  If this comparison is successful, the client MUST discard all
+connection state and not send any further packets on this connection. If the
+comparison is unsuccessful, the packet can be discarded.
 
 
 #### Calculating a Stateless Reset Token