Update document of ticket age tolerance

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

include/mbedtls/mbedtls_config.h

@@ -4099,19 +4099,21 @@
 /**
  * \def MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE
  *
- * Maximum time difference in milliseconds tolerated between the age of a
+ * Maximum allowd ticket age difference in milliseconds tolerated between
- * ticket from the server and client point of view.
+ * server and client. Default value is 6000. This is not used in TLS 1.2.
- * From the client point of view, the age of a ticket is the time difference
+ *
- * between the time when the client proposes to the server to use the ticket
+ * - The client ticket age is the time difference between the time when the
- * (time of writing of the Pre-Shared Key Extension including the ticket) and
+ *   client proposes to the server to use the ticket and the time the client
- * the time the client received the ticket from the server.
+ *   received the ticket from the server.
- * From the server point of view, the age of a ticket is the time difference
+ * - The server ticket age is the time difference between the time when the
- * between the time when the server receives a proposition from the client
+ *   server receives a proposition from the client to use the ticket and the
- * to use the ticket and the time when the ticket was created by the server.
+ *   time when the ticket was created by the server.
- * The server age is expected to be always greater than the client one and
+ *
- * MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE defines the
+ * The ages might be different due to accuracy of RTC crypstal. The typical
- * maximum difference tolerated for the server to accept the ticket.
+ * accuracy of an RTC crystal is ±100 to ±20 parts per million (360 to 72
- * This is not used in TLS 1.2.
+ * milliseconds per hour). Default tolerance windows is 6s, thus in the worst
+ * case client and servers must sync up their system time every 6000/360/2~=8
+ * hours.
  *
  */
 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000