From 5c27754bc4bb3c5bd092b701413b0f41388415b6 Mon Sep 17 00:00:00 2001
From: "Robin H. Johnson"
Date: Thu, 21 Oct 2021 21:53:31 -0700
Subject: local/require-signed-push: clarify how delays in smartcard show up

Signed-off-by: Robin H. Johnson
---
 local/require-signed-push | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/local/require-signed-push b/local/require-signed-push
index 20bc2e1..447e14a 100755
--- a/local/require-signed-push
+++ b/local/require-signed-push
@@ -98,7 +98,7 @@ verify_pusher_clock() {
 # Timestamps:
 # T0: nonce generation time (server, trusted input)
- # T1: nonce signature time (client, untrusted input!)
+ # T1: nonce signature START time (client, untrusted input!)
 # T2: signed-nonce receive time (server, trusted input)
 T0="$SERVER_NONCE_TIME"
 T1="$PUSHER_SIGN_TIME"
@@ -111,9 +111,11 @@ verify_pusher_clock() {
 # T2-T0: how long the roundtrip took (only contains trusted inputs)
 # - will only be negative if the server clock jump backwards during the round-trip!
 #
- # T2-T1: how long it took the client to send the signed nonce back (depends on untrusted input)
+ # T2-T1: how long it took the client to sign their timestamp & nonce and
+ # send it back (depends on untrusted input)
 # - will be negative if the client (T1) has a clock AHEAD of server (T2),
 # e.g. clock is "fast"
+ # - MAY contain delay from smartcards/tokens requiring interaction.
 DELTA_T1_T0=$(( T1 - T0 ))
 DELTA_T2_T0=$(( T2 - T0 ))
 DELTA_T2_T1=$(( T2 - T1 ))
--
cgit v1.2.3-65-gdbad
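Review bot: The new bullet in the second hunk records the smartcard/token delay only under T2-T1, but by the definitions in the first hunk (T0 is nonce generation, T2 is signed-nonce receipt) the same delay is also contained in T2-T0, which is the only delta built purely from trusted inputs. Because T1 is client-supplied, a maintainer sizing a tolerance for slow tokens should be pointed at the trusted delta rather than at one an untrusted clock can shift. I would add a matching line under the T2-T0 description, `# - also includes any smartcard/token interaction delay on the client`. The comparisons that consume these deltas are outside both hunks, so whether the existing limits already allow for interactive signing cannot be seen here; the body of verify_pusher_clock starts before and continues past the visible lines.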