Does anyone have a secure implementation of the QUIC address validation token [1]? The example in quiche [2] is explicitly insecure. It *looks* to be as easy as MAC(address || connection id). Spec also mentions a timestamp, I guess to make the token expire. But I don't want this code to end up in a CVE in two years because I missed something :)
[1] https://datatracker.ietf.org/doc/html/draft-ietf-quic-transport-23#section-8.1.3
[2] https://docs.quic.tech/quiche_server/fn.mint_token.html