diff --git a/bogo/regen-certs b/bogo/regen-certs
index ef200ed8..a74eaa2d 100755
--- a/bogo/regen-certs
+++ b/bogo/regen-certs
@@ -47,7 +47,7 @@ EOF
 )
 
 # rsa_chain_cert.pem/rsa_chain_key.pem: rsa2048/sha256 with chain rsa2048/sha256
-# nb. chain is not validated
+# Note: chain is not validated
 openssl req -batch -x509 \
           -utf8 \
           -newkey rsa:2048 \
diff --git a/provider-example/examples/server.rs b/provider-example/examples/server.rs
index 91dad0d3..8dcaab00 100644
--- a/provider-example/examples/server.rs
+++ b/provider-example/examples/server.rs
@@ -35,7 +35,7 @@ fn main() {
                 )
                 .as_bytes();
 
-                // nb. do not used `unwrap()` on IO in real programs!
+                // Note: do not use `unwrap()` on IO in real programs!
                 conn.writer().write_all(msg).unwrap();
                 conn.write_tls(&mut stream).unwrap();
                 conn.complete_io(&mut stream).unwrap();
diff --git a/rustls/src/client/tls12.rs b/rustls/src/client/tls12.rs
index 3ddf039b..31e505aa 100644
--- a/rustls/src/client/tls12.rs
+++ b/rustls/src/client/tls12.rs
@@ -778,7 +778,7 @@ impl State<ClientConnectionData> for ExpectServerDone {
         // 5b.
         let mut transcript = st.transcript;
         emit_clientkx(&mut transcript, cx.common, kx.pub_key());
-        // nb. EMS handshake hash only runs up to ClientKeyExchange.
+        // Note: EMS handshake hash only runs up to ClientKeyExchange.
         let ems_seed = st
             .using_ems
             .then(|| transcript.get_current_hash());
@@ -918,7 +918,7 @@ impl State<ClientConnectionData> for ExpectCcs {
         // message.
         cx.common.check_aligned_handshake()?;
 
-        // nb. msgs layer validates trivial contents of CCS
+        // Note: msgs layer validates trivial contents of CCS.
         cx.common
             .record_layer
             .start_decrypting();
diff --git a/rustls/src/conn.rs b/rustls/src/conn.rs
index d219b0f6..30e27de9 100644
--- a/rustls/src/conn.rs
+++ b/rustls/src/conn.rs
@@ -310,7 +310,7 @@ impl ConnectionRandoms {
 
 fn is_valid_ccs(msg: &PlainMessage) -> bool {
     // We passthrough ChangeCipherSpec messages in the deframer without decrypting them.
-    // nb. this is prior to the record layer, so is unencrypted. see
+    // Note: this is prior to the record layer, so is unencrypted. See
     // third paragraph of section 5 in RFC8446.
     msg.typ == ContentType::ChangeCipherSpec && msg.payload.0 == [0x01]
 }
diff --git a/rustls/src/crypto/aws_lc_rs/mod.rs b/rustls/src/crypto/aws_lc_rs/mod.rs
index cecc38ef..a83ec7cb 100644
--- a/rustls/src/crypto/aws_lc_rs/mod.rs
+++ b/rustls/src/crypto/aws_lc_rs/mod.rs
@@ -128,7 +128,7 @@ static SUPPORTED_SIG_ALGS: WebPkiSupportedAlgorithms = WebPkiSupportedAlgorithms
         webpki_algs::RSA_PKCS1_3072_8192_SHA384,
     ],
     mapping: &[
-        // nb. for TLS1.2 the curve is not fixed by SignatureScheme. for TLS1.3 it is.
+        // Note: for TLS1.2 the curve is not fixed by SignatureScheme. For TLS1.3 it is.
         (
             SignatureScheme::ECDSA_NISTP384_SHA384,
             &[
diff --git a/rustls/src/crypto/cipher.rs b/rustls/src/crypto/cipher.rs
index 25160bac..d1ac707c 100644
--- a/rustls/src/crypto/cipher.rs
+++ b/rustls/src/crypto/cipher.rs
@@ -94,7 +94,7 @@ impl StdError for UnsupportedOperationError {}
 
 /// How a TLS1.2 `key_block` is partitioned.
 ///
-/// nb. ciphersuites with non-zero `mac_key_length` not currently supported
+/// Note: ciphersuites with non-zero `mac_key_length` are  not currently supported.
 pub struct KeyBlockShape {
     /// How long keys are.
     ///
@@ -218,7 +218,7 @@ pub const NONCE_LEN: usize = 12;
 pub fn make_tls13_aad(payload_len: usize) -> [u8; 5] {
     [
         ContentType::ApplicationData.get_u8(),
-        // nb. this is `legacy_record_version`, ie TLS1.2 even for TLS1.3.
+        // Note: this is `legacy_record_version`, i.e. TLS1.2 even for TLS1.3.
         (ProtocolVersion::TLSv1_2.get_u16() >> 8) as u8,
         (ProtocolVersion::TLSv1_2.get_u16() & 0xff) as u8,
         (payload_len >> 8) as u8,
diff --git a/rustls/src/crypto/ring/mod.rs b/rustls/src/crypto/ring/mod.rs
index 58fe4eb3..8681d2dc 100644
--- a/rustls/src/crypto/ring/mod.rs
+++ b/rustls/src/crypto/ring/mod.rs
@@ -123,7 +123,7 @@ static SUPPORTED_SIG_ALGS: WebPkiSupportedAlgorithms = WebPkiSupportedAlgorithms
         webpki_algs::RSA_PKCS1_3072_8192_SHA384,
     ],
     mapping: &[
-        // nb. for TLS1.2 the curve is not fixed by SignatureScheme. for TLS1.3 it is.
+        // Note: for TLS1.2 the curve is not fixed by SignatureScheme. For TLS1.3 it is.
         (
             SignatureScheme::ECDSA_NISTP384_SHA384,
             &[
diff --git a/rustls/src/dns_name.rs b/rustls/src/dns_name.rs
index 5d04f197..a4185349 100644
--- a/rustls/src/dns_name.rs
+++ b/rustls/src/dns_name.rs
@@ -16,7 +16,7 @@ impl<'a> DnsName {
 
     /// Validate the given bytes are a DNS name if they are viewed as ASCII.
     pub fn try_from_ascii(bytes: &[u8]) -> Result<Self, InvalidDnsNameError> {
-        // nb. a sequence of bytes that is accepted by `validate()` is both
+        // Note: a sequence of bytes that is accepted by `validate()` is both
         // valid UTF-8, and valid ASCII.
         String::from_utf8(bytes.to_vec())
             .map_err(|_| InvalidDnsNameError)
diff --git a/rustls/src/limited_cache.rs b/rustls/src/limited_cache.rs
index 5198a4dd..70b581fc 100644
--- a/rustls/src/limited_cache.rs
+++ b/rustls/src/limited_cache.rs
@@ -57,7 +57,7 @@ where
     pub(crate) fn insert(&mut self, k: K, v: V) {
         let inserted_new_item = match self.map.entry(k) {
             Entry::Occupied(mut old) => {
-                // nb. does not freshen entry in `oldest`
+                // Note: does not freshen entry in `oldest`
                 old.insert(v);
                 false
             }
diff --git a/rustls/src/manual/implvulns.rs b/rustls/src/manual/implvulns.rs
index d08e1100..a073350c 100644
--- a/rustls/src/manual/implvulns.rs
+++ b/rustls/src/manual/implvulns.rs
@@ -86,7 +86,7 @@ the message type before further operations.
 
 A sample sequence for a full TLSv1.2 handshake by a client looks like:
 
-- `hs::ExpectServerHello` (nb. ClientHello is logically sent before this state); transition to `tls12::ExpectCertificate`
+- `hs::ExpectServerHello` (Note: ClientHello is logically sent before this state); transition to `tls12::ExpectCertificate`
 - `tls12::ExpectCertificate`; transition to `tls12::ExpectServerKX`
 - `tls12::ExpectServerKX`; transition to `tls12::ExpectServerDoneOrCertReq`
 - `tls12::ExpectServerDoneOrCertReq`; delegates to `tls12::ExpectCertificateRequest` or `tls12::ExpectServerDone` depending on incoming message.
diff --git a/rustls/src/server/tls13.rs b/rustls/src/server/tls13.rs
index 3f9ba04f..976e4456 100644
--- a/rustls/src/server/tls13.rs
+++ b/rustls/src/server/tls13.rs
@@ -1166,7 +1166,7 @@ impl State<ServerConnectionData> for ExpectFinished {
             }
         };
 
-        // nb. future derivations include Client Finished, but not the
+        // Note: future derivations include Client Finished, but not the
         // main application data keying.
         self.transcript.add_message(&m);
 
diff --git a/rustls/src/tls12/mod.rs b/rustls/src/tls12/mod.rs
index 4d5d0a77..4a5593cc 100644
--- a/rustls/src/tls12/mod.rs
+++ b/rustls/src/tls12/mod.rs
@@ -145,7 +145,7 @@ impl ConnectionSecrets {
     /// and the session's `secrets`.
     pub(crate) fn make_cipher_pair(&self, side: Side) -> MessageCipherPair {
         // Make a key block, and chop it up.
-        // nb. we don't implement any ciphersuites with nonzero mac_key_len.
+        // Note: we don't implement any ciphersuites with nonzero mac_key_len.
         let key_block = self.make_key_block();
         let shape = self.suite.aead_alg.key_block_shape();