X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Ffaq.texi;h=021cc552163f25bc90a09f49d0c716f308682d0a;hb=831cb44403d1c94eddff4ac9f56d386a9707c47b;hp=c9da019f1e2000b887469846527041e618d393a0;hpb=d45dbf3033f363b632c19de05c6826ae9f71e9aa;p=govpn.git

diff --git a/doc/faq.texi b/doc/faq.texi
index c9da019..021cc55 100644
--- a/doc/faq.texi
+++ b/doc/faq.texi
@@ -106,6 +106,16 @@ timestamps and sizes. You can run traffic analysis and predict what is
 going on in the network. With CPR option enabled you can tell either
 somebody is online, or not -- nothing less, nothing more.
 
+@item When should I use @ref{Timesync, time synchronization} option?
+Without that option, if someone captured initial handshake packet from
+the valid client, then it could repeat it and receive a handshake packet
+as an answer from server. This can be used to detect if some user's
+identity is known to server and that it is exactly GoVPN server.
+Timesync option forces adding timestamps to each handshake packet
+allowing only specified time window of packet validness. If you have got
+more or less synchronized clocks between your clients and server, then
+you can use always use this option.
+
 @cindex DoS
 @item Can I DoS (denial of service) the daemon?
 Each transport packet is authenticated first with the very fast UMAC