At the risk of this getting lost in the snowstorm of emails flying around, it's worth highlighting a change that I'm proposing in response to Ben's review of -tls:
https://github.com/quicwg/base-drafts/pull/4570

I'll include the change here, because it mostly speaks for itself:

OLD:

The alert level of all TLS alerts is "fatal"; a TLS stack MUST NOT generate alerts at the "warning" level.

NEW:

QUIC is only able to convey an alert level of "fatal". The only existing uses for the "warning" level are to signal connection close; see Section 6.1 of {{!TLS13}}. As QUIC provides alternative mechanisms for connection termination and the TLS connection is only closed if an error is encountered, a QUIC endpoint MUST treat any alert from TLS as if it were at the "fatal" level.

The change is from levying a requirement on TLS implementations to making it a requirement on how QUIC reacts to TLS. Though the requirement we had is likely consistent with what TLS implementations actually would do, it's overreaching our authority, and unnecessarily so. This has almost the same effect, though it's also clearer in terms of outcomes.
