RFC 8446, "The Transport Layer Security (TLS) Protocol Version 1.3", August 2018

Errata ID: 6144
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Ben Smyth
Date Reported: 2020-04-29

Section 4.2.8. says:

Upon receipt of this extension in a HelloRetryRequest, the client
MUST verify that...the selected_group field does not
correspond to a group which was provided in the "key_share" extension
in the original ClientHello.

It should say:

Upon receipt of this extension in a HelloRetryRequest, the client
MUST verify that...a key share was not offered (in the "key_share" 
extension in the original ClientHello) for the group in the 
selected_group field.

Notes:

The original text requires knowledge of the "key_share" extension and is rather hard to read,
the proposed text should be easier to understand.

Report New Errata