-
In section 5.5.3, the third point should be "Set valid_until_ms = NOW() - time_session_init + TTL".
-
In section 5.5.4, the second point should be "Check that valid_until_ms <= NOW() - time_session_init".
Otherwise, you would need two synchronized clocks and time_session_init would be useless.
The ref implementation does as I described. See https://github.com/aegis4ics/ssp21-cpp/blob/master/cpp/libs/src/ssp21/crypto/Session.cpp#L171 and https://github.com/aegis4ics/ssp21-cpp/blob/master/cpp/libs/src/ssp21/crypto/Session.cpp#L118
In section 5.5.3, the third point should be "Set
valid_until_ms = NOW() - time_session_init + TTL".In section 5.5.4, the second point should be "Check that
valid_until_ms <= NOW() - time_session_init".Otherwise, you would need two synchronized clocks and
time_session_initwould be useless.The ref implementation does as I described. See https://github.com/aegis4ics/ssp21-cpp/blob/master/cpp/libs/src/ssp21/crypto/Session.cpp#L171 and https://github.com/aegis4ics/ssp21-cpp/blob/master/cpp/libs/src/ssp21/crypto/Session.cpp#L118