1 files changed, 14 insertions, 5 deletions

diff --git a/src/util/crypto_wire.c b/src/util/crypto_wire.c
index a8941e18f..d935bec4d 100644
--- a/src/util/crypto_wire.c
+++ b/src/util/crypto_wire.c
@@ -24,8 +24,8 @@
 
 
 /**
- * Compute the hash of the given wire details.   The resulting
- * hash is what is put into the contract.
+ * Compute the hash of the given wire details. The resulting
+ * hash is what is signed by the master key.
  *
  * @param payto_uri bank account
  * @param[out] hc set to the hash
@@ -46,7 +46,7 @@ TALER_exchange_wire_signature_hash (const char *payto_uri,
 
 
 /**
- * Check the signature in @a wire_s.
+ * Check the signature in @a master_sig.
  *
  * @param payto_uri URL that is signed
  * @param master_pub master public key of the exchange
@@ -101,7 +101,8 @@ TALER_exchange_wire_signature_make (const char *payto_uri,
 
 /**
  * Compute the hash of the given wire details.   The resulting
- * hash is what is put into the contract.
+ * @a hc is what will be put into the contract between customer
+ * and merchant for signing by both parties.
  *
  * @param payto_uri bank account
  * @param salt salt used to eliminate brute-force inversion
@@ -126,7 +127,15 @@ TALER_merchant_wire_signature_hash (const char *payto_uri,
 
 
 /**
- * Check the signature in @a merch_sig. (Not yet used anywhere.)
+ * Check the signature in @a merch_sig.
+ * (Not yet used anywhere.)
+ *
+ * Expected to be used if/when we get @a merch_pub signed via
+ * X.509 *and* have a way for the WebEx wallet to check that the
+ * @a merch_pub provided matches that of the X.509 certificate
+ * from the Web site. Until then, @a merch_pub cannto be
+ * validated (no PKI), and hence there is no point in checking
+ * these signatures. (See #5129 and #3946).
  *
  * @param payto_uri URL that is signed
  * @param salt the salt used to salt the @a payto_uri when hashing