litespeedtech · dtikhonov · Nov 28, 2025 · Nov 1, 2025 · Nov 27, 2025
diff --git a/src/liblsquic/lsquic_enc_sess_ietf.c b/src/liblsquic/lsquic_enc_sess_ietf.c
@@ -176,7 +176,7 @@ static struct label_set hkdf_labels[2] =
 };
 
 
-/* [draft-ietf-quic-tls-12] Section 5.3.6 */
+/* [RFC 9001] Section 5.1 (Packet Protection Keys) */
 static int
 init_crypto_ctx (struct crypto_ctx *crypto_ctx, const EVP_MD *md,
                  const EVP_AEAD *aead, const unsigned char *secret,
@@ -1138,14 +1138,14 @@ static const unsigned char *const lsquic_ver2salt[N_LSQVER] = {
 };
 
 
-/* [draft-ietf-quic-tls-12] Section 5.3.2 */
+/* [RFC 9001] Section 5.2 (Initial Secrets) */
 static int
 setup_handshake_keys (struct enc_sess_iquic *enc_sess, const lsquic_cid_t *cid)
 {
     const EVP_MD *const md = EVP_sha256();
     const EVP_AEAD *const aead = EVP_aead_aes_128_gcm();
-    /* [draft-ietf-quic-tls-12] Section 5.6.1: AEAD_AES_128_GCM implies
-     * 128-bit AES-CTR.
+    /* [RFC 9001] Sections 5.3 and 5.4.3: AEAD_AES_128_GCM implies
+     * 128-bit AES-CTR for header protection.
      */
     const EVP_CIPHER *const cipher = EVP_aes_128_ecb();
     struct crypto_ctx_pair *pair;
@@ -1656,7 +1656,7 @@ get_crypto_params (const struct enc_sess_iquic *enc_sess,
 
     iv_sz = EVP_AEAD_nonce_length(params->aead);
     if (iv_sz < 8)
-        iv_sz = 8;  /* [draft-ietf-quic-tls-11], Section 5.3 */
+        iv_sz = 8;  /* Old drafts used 8-byte nonce */
     if (iv_sz > EVP_MAX_IV_LENGTH)
     {
         LSQ_DEBUG("iv size %u is too large", iv_sz);
@@ -1667,7 +1667,7 @@ get_crypto_params (const struct enc_sess_iquic *enc_sess,
 }
 
 
-/* [draft-ietf-quic-transport-31] Section 7.4.1:
+/* [RFC 9000] Section 7.4.1 (Accepting and Rejecting 0-RTT):
  " If 0-RTT data is accepted by the server, the server MUST NOT reduce
  " any limits or alter any values that might be violated by the client
  " with its 0-RTT data.  In particular, a server that accepts 0-RTT data
@@ -2174,7 +2174,7 @@ iquic_esf_encrypt_packet (enc_session_t *enc_session_p,
 
     if (packet_out->po_data_sz < 3)
     {
-        /* [draft-ietf-quic-tls-20] Section 5.4.2 */
+        /* [RFC 9001] Section 5.4.2 (Packet Protection) */
         enum packno_bits bits = lsquic_packet_out_packno_bits(packet_out);
         unsigned len = iquic_packno_bits2len(bits);
         if (packet_out->po_data_sz + len < 4)
@@ -3455,30 +3455,30 @@ const struct lsquic_stream_if lsquic_mini_cry_sm_if =
 
 const unsigned char *const lsquic_retry_key_buf[N_IETF_RETRY_VERSIONS] =
 {
-    /* [draft-ietf-quic-tls-25] Section 5.8 */
+    /* [RFC 9001] Section 5.8 (draft-25 for backward compatibility) */
     (unsigned char *)
         "\x4d\x32\xec\xdb\x2a\x21\x33\xc8\x41\xe4\x04\x3d\xf2\x7d\x44\x30",
-    /* [draft-ietf-quic-tls-29] Section 5.8 */
+    /* [RFC 9001] Section 5.8 (draft-29 for backward compatibility) */
     (unsigned char *)
         "\xcc\xce\x18\x7e\xd0\x9a\x09\xd0\x57\x28\x15\x5a\x6c\xb9\x6b\xe1",
-    /* [draft-ietf-quic-tls-33] Section 5.8 */
+    /* [RFC 9001] Section 5.8 (Retry Packet Integrity) */
     (unsigned char *)
         "\xbe\x0c\x69\x0b\x9f\x66\x57\x5a\x1d\x76\x6b\x54\xe3\x68\xc8\x4e",
-    /* [draft-draft-ietf-quic-v2] Section 3.3.3 */
+    /* [RFC 9369] Section 3.3.3 (QUIC Version 2) */
     (unsigned char *)
         "\x8f\xb4\xb0\x1b\x56\xac\x48\xe2\x60\xfb\xcb\xce\xad\x7c\xcc\x92",
 };
 
 
 const unsigned char *const lsquic_retry_nonce_buf[N_IETF_RETRY_VERSIONS] =
 {
-    /* [draft-ietf-quic-tls-25] Section 5.8 */
+    /* [RFC 9001] Section 5.8 (draft-25 for backward compatibility) */
     (unsigned char *) "\x4d\x16\x11\xd0\x55\x13\xa5\x52\xc5\x87\xd5\x75",
-    /* [draft-ietf-quic-tls-29] Section 5.8 */
+    /* [RFC 9001] Section 5.8 (draft-29 for backward compatibility) */
     (unsigned char *) "\xe5\x49\x30\xf9\x7f\x21\x36\xf0\x53\x0a\x8c\x1c",
-    /* [draft-ietf-quic-tls-33] Section 5.8 */
+    /* [RFC 9001] Section 5.8 (Retry Packet Integrity) */
     (unsigned char *) "\x46\x15\x99\xd3\x5d\x63\x2b\xf2\x23\x98\x25\xbb",
-    /* [draft-draft-ietf-quic-v2] Section 3.3.3 */
+    /* [RFC 9369] Section 3.3.3 (QUIC Version 2) */
     (unsigned char *) "\xd8\x69\x69\xbc\x2d\x7c\x6d\x99\x90\xef\xb0\x4a",
 };
 

diff --git a/src/liblsquic/lsquic_engine.c b/src/liblsquic/lsquic_engine.c
@@ -3293,7 +3293,7 @@ lsquic_engine_packet_in (lsquic_engine_t *engine,
             break;
         }
 
-        /* [draft-ietf-quic-transport-30] Section 12.2:
+        /* [RFC 9000] Section 12.2 (Coalescing Packets):
          * " Receivers SHOULD ignore any subsequent packets with a different
          * " Destination Connection ID than the first packet in the datagram.
          */

diff --git a/src/liblsquic/lsquic_full_conn_ietf.c b/src/liblsquic/lsquic_full_conn_ietf.c
@@ -6514,9 +6514,9 @@ process_retire_connection_id_frame (struct ietf_full_conn *conn,
     uint64_t seqno;
     int parsed_len;
 
-    /* [draft-ietf-quic-transport-25] Section 19.16
+    /* [RFC 9000] Section 19.16 (RETIRE_CONNECTION_ID Frame):
      *
-     * - Peer cannot retire zero-lenth CID. (MUST treat as PROTOCOL_VIOLATION)
+     * - Peer cannot retire zero-length CID. (MUST treat as PROTOCOL_VIOLATION)
      * - Peer cannot retire CID with sequence number that has not been
      *   allocated yet. (MUST treat as PROTOCOL_VIOLATION)
      * - Peer cannot retire CID that matches the DCID in packet.
@@ -6608,7 +6608,7 @@ process_new_token_frame (struct ietf_full_conn *conn,
     }
 
     if (conn->ifc_flags & IFC_SERVER)
-    {   /* [draft-ietf-quic-transport-34] Section 19.7 */
+    {   /* [RFC 9000] Section 19.7 (NEW_TOKEN Frame) */
         ABORT_QUIETLY(0, TEC_PROTOCOL_VIOLATION,
                                     "received unexpected NEW_TOKEN frame");
         return 0;
@@ -7286,7 +7286,7 @@ process_retry_packet (struct ietf_full_conn *conn,
 
     if (conn->ifc_flags & (IFC_SERVER|IFC_RETRIED))
     {
-        /* [draft-ietf-quic-transport-24] Section 17.2.5:
+        /* [RFC 9000] Section 17.2.5 (Retry Packet):
          " After the client has received and processed an Initial or Retry
          " packet from the server, it MUST discard any subsequent Retry
          " packets that it receives.
@@ -7301,7 +7301,7 @@ process_retry_packet (struct ietf_full_conn *conn,
                     packet_in->pi_scid_len))
     {
         /*
-         * [draft-ietf-quic-transport-24] Section 17.2.5:
+         * [RFC 9000] Section 17.2.5 (Retry Packet):
          " A client MUST discard a Retry packet that contains a Source
          " Connection ID field that is identical to the Destination
          " Connection ID field of its Initial packet.
@@ -7716,8 +7716,8 @@ process_regular_packet (struct ietf_full_conn *conn,
         if (PNS_APP == pns
                 && (cpath = &conn->ifc_paths[packet_in->pi_path_id],
                                             cpath->cop_flags & COP_SPIN_BIT)
-                /* [draft-ietf-quic-transport-30] Section 17.3.1 talks about
-                 * how spin bit value is set.
+                /* [RFC 9000] Section 17.3.1 (1-RTT Packet) talks about how
+                 * spin bit value is set.
                  */
                 && (packet_in->pi_packno > cpath->cop_max_packno
                     /* Zero means "unset", in which case any incoming packet
@@ -7831,7 +7831,7 @@ process_incoming_packet_verneg (struct ietf_full_conn *conn,
             }
         }
 
-        /* [draft-ietf-quic-transport-28] Section 6.2:
+        /* [RFC 9000] Section 6.2 (Using Server Retry):
          " A client MUST discard a Version Negotiation packet that lists the
          " QUIC version selected by the client.
          */
@@ -7842,7 +7842,7 @@ process_incoming_packet_verneg (struct ietf_full_conn *conn,
             return 0;
         }
 
-        /* [draft-ietf-quic-transport-28] Section 6.2:
+        /* [RFC 9000] Section 6.2 (Using Server Retry):
          " A client that supports only this version of QUIC MUST abandon the
          " current connection attempt if it receives a Version Negotiation
          " packet [...]
@@ -8693,7 +8693,7 @@ ietf_full_conn_ci_tick (struct lsquic_conn *lconn, lsquic_time_t now)
         conn->ifc_send_flags &= ~SF_SEND_PING;   /* It may have rung */
     }
 
-    /* [draft-ietf-quic-transport-11] Section 7.9:
+    /* [RFC 9000] Section 19.2 (PING Frame):
      *
      *     The PING frame can be used to keep a connection alive when an
      *     application or application protocol wishes to prevent the connection
@@ -9354,7 +9354,7 @@ on_setting (void *ctx, uint64_t setting_id, uint64_t value)
     case 3: /* HTTP/2 SETTINGS_MAX_CONCURRENT_STREAMS */
     case 4: /* HTTP/2 SETTINGS_INITIAL_WINDOW_SIZE */
     case 5: /* HTTP/2 SETTINGS_MAX_FRAME_SIZE */
-        /* [draft-ietf-quic-http-30] Section 7.2.4.1 */
+        /* [RFC 9114] Section 7.2.4.1 (Defined SETTINGS Parameters) */
         ABORT_QUIETLY(1, HEC_SETTINGS_ERROR, "unexpected HTTP/2 setting "
             "%"PRIu64, setting_id);
         break;

diff --git a/src/liblsquic/lsquic_handshake.c b/src/liblsquic/lsquic_handshake.c
@@ -4000,7 +4000,7 @@ gquic2_esf_encrypt_packet (enc_session_t *enc_session_p,
 
     if (packet_out->po_data_sz < 3)
     {
-        /* [draft-ietf-quic-tls-20] Section 5.4.2 */
+        /* [RFC 9001] Section 5.4.2 (Packet Protection) */
         enum packno_bits bits = lsquic_packet_out_packno_bits(packet_out);
         /* XXX same packet rules as in IETF QUIC? */
         unsigned len = iquic_packno_bits2len(bits);

diff --git a/src/liblsquic/lsquic_headers_stream.c b/src/liblsquic/lsquic_headers_stream.c
@@ -358,7 +358,7 @@ headers_on_settings (void *ctx, uint16_t setting_id, uint32_t setting_value)
     case SETTINGS_MAX_CONCURRENT_STREAMS:
     case SETTINGS_INITIAL_WINDOW_SIZE:
     case SETTINGS_MAX_FRAME_SIZE:
-        /* [draft-ietf-quic-http-00], Section 3 */
+        /* [RFC 9114], Section 3.2.1 (HTTP/3 vs HTTP/2 Settings) */
         LSQ_INFO("Specifying setting 0x%X is a QUIC error", setting_id);
         hs->hs_callbacks->hsc_on_conn_error(hs->hs_cb_ctx);
         break;

diff --git a/src/liblsquic/lsquic_hkdf.c b/src/liblsquic/lsquic_hkdf.c
@@ -8,7 +8,7 @@
 #include "lsquic_hkdf.h"
 
 
-/* [draft-ietf-quic-tls-17] Section 5 */
+/* [RFC 9001] Section 5.1 (Packet Protection Keys) */
 void
 lsquic_qhkdf_expand (const EVP_MD *md, const unsigned char *secret,
             unsigned secret_len, const char *label, uint8_t label_len,

diff --git a/src/liblsquic/lsquic_hkdf.h b/src/liblsquic/lsquic_hkdf.h
@@ -2,19 +2,19 @@
 #ifndef LSQUIC_HKDF_H
 #define LSQUIC_HKDF_H 1
 
-/* [draft-ietf-quic-tls-23] Section 5.2 */
+/* [RFC 9001] Section 5.2 (Initial Secrets) - draft-23 for backward compatibility */
 #define HSK_SALT_BUF "\xc3\xee\xf7\x12\xc7\x2e\xbb\x5a\x11\xa7" \
                      "\xd2\x43\x2b\xb4\x63\x65\xbe\xf9\xf5\x02"
 #define HSK_SALT_PRE29 ((unsigned char *) HSK_SALT_BUF)
-/* [draft-ietf-quic-tls-29] Section 5.2 */
+/* [RFC 9001] Section 5.2 (Initial Secrets) - draft-29 for backward compatibility */
 #define HSK_SALT_PRE33 ((unsigned char *) \
                      "\xaf\xbf\xec\x28\x99\x93\xd2\x4c\x9e\x97" \
                      "\x86\xf1\x9c\x61\x11\xe0\x43\x90\xa8\x99")
-/* [draft-ietf-quic-tls-33] Section 5.2 */
+/* [RFC 9001] Section 5.2 (Initial Secrets) */
 #define HSK_SALT ((unsigned char *) \
                      "\x38\x76\x2c\xf7\xf5\x59\x34\xb3\x4d\x17" \
                      "\x9a\xe6\xa4\xc8\x0c\xad\xcc\xbb\x7f\x0a")
-/* [draft-ietf-quic-v2] Section 3.3.1 */
+/* [RFC 9369] Section 3.2 (QUIC Version 2 Initial Salt) */
 #define HSK_SALT_V2 ((unsigned char *) \
                      "\x0d\xed\xe3\xde\xf7\x00\xa6\xdb\x81\x93" \
                      "\x81\xbe\x6e\x26\x9d\xcb\xf9\xbd\x2e\xd9")

diff --git a/src/liblsquic/lsquic_hq.h b/src/liblsquic/lsquic_hq.h
@@ -8,7 +8,7 @@
 
 struct lsquic_ext_http_prio;
 
-/* [draft-ietf-quic-http-27] Section 11.2.1 */
+/* [RFC 9114] Section 7.2.1 (HTTP/3 Frame Types) */
 enum hq_frame_type
 {
     HQFT_DATA           = 0,
@@ -47,8 +47,8 @@ enum hq_setting_id
 #define HQ_DF_QPACK_BLOCKED_STREAMS 0
 
 
-/* [draft-ietf-quic-http-19] Section 10.6,
- * [draft-ietf-quic-qpack-07] Section 8.2
+/* [RFC 9114] Section 6.2 (Unidirectional Stream Types),
+ * [RFC 9204] Section 4.2 (QPACK Encoder and Decoder Streams)
  */
 enum hq_uni_stream_type
 {
@@ -59,8 +59,7 @@ enum hq_uni_stream_type
 };
 
 
-/* [draft-ietf-quic-http-23] Section 8.1 and
- * [draft-ietf-quic-qpack-08], Section 8.3
+/* [RFC 9114] Section 8.1 (HTTP/3 Error Codes)
  */
 enum http_error_code
 {

diff --git a/src/liblsquic/lsquic_ietf.h b/src/liblsquic/lsquic_ietf.h
@@ -4,7 +4,7 @@
 
 /* Things specific to the IETF version of QUIC that do not fit anywhere else */
 
-/* [draft-ietf-quic-transport-33] Section 20 */
+/* [RFC 9000] Section 20 (Error Codes) */
 enum trans_error_code
 {
     TEC_NO_ERROR                   =  0x0,
@@ -30,7 +30,7 @@ enum trans_error_code
 /* Must be at least two */
 #define MAX_IETF_CONN_DCIDS 8
 
-/* [draft-ietf-quic-tls-25] Section 5.8 */
+/* [RFC 9001] Section 5.8 (Retry Packet Integrity) */
 #define IETF_RETRY_KEY_SZ 16
 #define IETF_RETRY_NONCE_SZ 12
 

diff --git a/src/liblsquic/lsquic_mini_conn_ietf.c b/src/liblsquic/lsquic_mini_conn_ietf.c
@@ -529,7 +529,7 @@ is_first_packet_ok (const struct lsquic_packet_in *packet_in,
 {
     if (udp_payload_size < IQUIC_MIN_INIT_PACKET_SZ)
     {
-        /* [draft-ietf-quic-transport-24] Section 14 */
+        /* [RFC 9000] Section 14.1 (Initial Datagram Size) */
         LSQ_LOG1(LSQ_LOG_DEBUG, "incoming UDP payload too small: %zu bytes",
                                                             udp_payload_size);
         return 0;
@@ -923,8 +923,8 @@ ietf_mini_conn_ci_next_packet_to_send (struct lsquic_conn *lconn,
     {
         if (packet_out->po_flags & PO_SENT)
             continue;
-        /* [draft-ietf-quic-transport-32] Section 14.1:
-         " a server MUST expand the payload of all UDP datagrams carrying
+        /* [RFC 9000] Section 14.1 (Initial Datagram Size):
+         " A server MUST expand the payload of all UDP datagrams carrying
          " ack-eliciting Initial packets to at least the smallest allowed
          " maximum datagram size of 1200 bytes.
          */
@@ -1549,7 +1549,7 @@ imico_maybe_delay_processing (struct ietf_mini_conn *conn,
 }
 
 
-/* [draft-ietf-quic-transport-30] Section 8.1:
+/* [RFC 9000] Section 8.1 (Address Validation During Connection Establishment):
  " Additionally, a server MAY consider the client address validated if
  " the client uses a connection ID chosen by the server and the
  " connection ID contains at least 64 bits of entropy.
@@ -2211,7 +2211,7 @@ imico_generate_conn_close (struct ietf_mini_conn *conn)
     }
 
 
-/* [draft-ietf-quic-transport-28] Section 10.3.1:
+/* [RFC 9000] Section 10.2.3 (Immediate Close during the Handshake):
  *
  " A client will always know whether the server has Handshake keys (see
  " Section 17.2.2.1), but it is possible that a server does not know

diff --git a/src/liblsquic/lsquic_mini_conn_ietf.h b/src/liblsquic/lsquic_mini_conn_ietf.h
@@ -120,7 +120,7 @@ struct ietf_mini_conn
     struct network_path             imc_path;
 };
 
-/* [draft-ietf-quic-transport-24] Section 7.4
+/* [RFC 9000] Section 7.5 (Cryptographic Message Buffering):
  *
  " Implementations MUST support buffering at least 4096 bytes of data
  " received in CRYPTO frames out of order.  Endpoints MAY choose to

diff --git a/src/liblsquic/lsquic_packet_common.c b/src/liblsquic/lsquic_packet_common.c
@@ -89,7 +89,7 @@ const char *const lsquic_hety2str[] =
 };
 
 
-/* [draft-ietf-quic-tls-14], Section 4 */
+/* [RFC 9001], Section 4.1.4 (Packet Numbers) */
 const enum packnum_space lsquic_hety2pns[] =
 {
     [HETY_SHORT]        = PNS_APP,
@@ -101,7 +101,7 @@ const enum packnum_space lsquic_hety2pns[] =
 };
 
 
-/* [draft-ietf-quic-tls-14], Section 4 */
+/* [RFC 9001], Section 4.1.4 (Packet Numbers) */
 const enum packnum_space lsquic_enclev2pns[] =
 {
     [ENC_LEV_INIT]      = PNS_INIT,

diff --git a/src/liblsquic/lsquic_packet_common.h b/src/liblsquic/lsquic_packet_common.h
@@ -206,13 +206,13 @@ extern const char *const lsquic_pns2str[];
     |  QUIC_FTBIT_TIMESTAMP          \
     |  QUIC_FTBIT_CRYPTO             )
 
-/* [draft-ietf-quic-transport-24] Section 1.2 */
+/* [RFC 9000] Section 13.2.1 (Frames and Frame Types) */
 #define IQUIC_FRAME_ACKABLE_MASK (  \
     (ALL_IQUIC_FRAMES | QUIC_FTBIT_DATAGRAM) \
         & ~(QUIC_FTBIT_ACK | QUIC_FTBIT_PADDING \
             | QUIC_FTBIT_CONNECTION_CLOSE | QUIC_FTBIT_TIMESTAMP))
 
-/* [draft-ietf-quic-transport-20], Section 13.2 */
+/* [RFC 9000], Section 13.3 (Retransmission of Information) */
 /* We bend some rules and retransmit BLOCKED, MAX_DATA, MAX_STREAM_DATA,
  * MAX_STREAMS, STREAM_BLOCKED, and STREAMS_BLOCKED frames instead of
  * regenerating them.  This keeps the code simple(r).

diff --git a/src/liblsquic/lsquic_packet_ietf.h b/src/liblsquic/lsquic_packet_ietf.h
@@ -11,7 +11,7 @@ iquic_packno_bits2len(uint64_t b)
     return (b) + 1;
 }
 
-/* [draft-ietf-quic-transport-22] Section 7.2:
+/* [RFC 9000] Section 7.2 (Negotiating Connection IDs):
  "
    When an Initial packet is sent by a client that has not previously
    received an Initial or Retry packet from the server, it populates the
@@ -24,7 +24,7 @@ iquic_packno_bits2len(uint64_t b)
  */
 #define MIN_INITIAL_DCID_LEN 8
 
-/* [draft-ietf-quic-transport-24] Section 8.1 */
+/* [RFC 9000] Section 14.1 (Initial Datagram Size) */
 #define IQUIC_MIN_INIT_PACKET_SZ 1200
 
 /* Our stream code makes an assumption that packet size is smaller than the

diff --git a/src/liblsquic/lsquic_parse_Q046.c b/src/liblsquic/lsquic_parse_Q046.c
@@ -129,7 +129,7 @@ gquic_Q046_packout_header_size_long (const struct lsquic_conn *lconn,
 }
 
 
-/* [draft-ietf-quic-transport-17] Section-17.2 */
+/* [RFC 9000] Section 17.2 (Long Header Packet Types) */
 static const unsigned char header_type_to_bin[] = {
     [HETY_INITIAL]      = 0x0,
     [HETY_0RTT]         = 0x1,