draft-ietf-tls-tls13-pkcs1-00 is now RFC 9963

Change-Id: Iaa1f78a6081973a8b3f4b5b3a3dc6048debc6ac4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/94810
Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Lily Chen <chlily@google.com>
Commit-Queue: Lily Chen <chlily@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc
index 0262233..2947529 100644
--- a/ssl/ssl_privkey.cc
+++ b/ssl/ssl_privkey.cc
@@ -76,7 +76,7 @@
      /*client_only=*/false},
 
     // Legacy PKCS#1 v1.5 code points are only allowed in TLS 1.3 and
-    // client-only. See draft-ietf-tls-tls13-pkcs1-00.
+    // client-only. See RFC 9963.
     {SSL_SIGN_RSA_PKCS1_SHA256_LEGACY, EVP_PKEY_RSA, NID_undef, &EVP_sha256,
      /*is_rsa_pss=*/false, /*tls12_ok=*/false, /*tls13_ok=*/true,
      /*client_only=*/true},
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index b98052c..1f91219 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -334,7 +334,7 @@
 	signatureMLDSA65 signatureAlgorithm = 0x0905
 	signatureMLDSA87 signatureAlgorithm = 0x0906
 
-	// draft-ietf-tls-tls13-pkcs1-00
+	// RFC 9963
 	signatureRSAPKCS1WithSHA256Legacy signatureAlgorithm = 0x0420
 
 	// signatureRSAPKCS1WithMD5AndSHA1 is the internal value BoringSSL uses to