diff --git a/docs/docs/app.md b/docs/docs/app.md index e8798381..70941d81 100644 --- a/docs/docs/app.md +++ b/docs/docs/app.md @@ -53,7 +53,7 @@ Since the app is especially aimed at demonstrating interactions with hardware-ba (i.e. `AndroidKeyStore` on Android and `SecureEnclave` on iOS), some of the UI elements do not make sense on the JVM. !!! abstract winline end "Legend" - 1. Toggle _Attestation_: Adds attestation information to the key. on iOS, only P-256 keys can be attested. + 1. Attestation toggle: Adds attestation information to the key. On iOS, this only works for P-256 keys and requires an Internet connection. 2. Biometric auth selection: Makes key usage require biometric authentication if set. The app provides one of: * Disabled = no auth required * 0s = auth on every use diff --git a/docs/docs/supreme.md b/docs/docs/supreme.md index 43944727..421f667e 100644 --- a/docs/docs/supreme.md +++ b/docs/docs/supreme.md @@ -353,6 +353,10 @@ For a list of supported algorithms, check out the [feature matrix](features.md#s The Android KeyStore offers key attestation certificates for hardware-backed keys. These certificates are exposed by the signer's `.attestation` property. +!!!info inline end + On iOS, attestation requires an active Internet connection, as the device needs to communicate + with Apple's servers. + For iOS, Apple does not provide this capability, but rather supports app attestation. We therefore piggy-back onto iOS app attestation to provide a home-brew "key attestation" scheme. The guarantees are different: you are trusting the OS, not the actual secure hardware;
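Review bot: In the docs/docs/app.md hunk, the reworded legend item 1 now says attestation on iOS "requires an Internet connection" but does not say what the user sees when the device is offline and the toggle is on. Since this legend describes UI behaviour, add a short clause stating the outcome (for example, whether key creation fails with an error or the key is created without attestation), and consider linking to the attestation section in supreme.md so the reason for the network dependency is one click away. The rename from "Toggle _Attestation_" to "Attestation toggle" matches the phrasing of item 2 and is fine.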
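Review bot: In the docs/docs/supreme.md hunk, the new admonition sits before the paragraph that introduces the iOS scheme, so the reader is told that "attestation requires an active Internet connection" on iOS before learning that iOS has no key attestation and that the library piggy-backs on app attestation instead. Move the admonition after the "For iOS, Apple does not provide this capability" paragraph, or word it as applying to the app-attestation-based scheme, so that the unqualified word "attestation" is not read as the same guarantee the Android paragraph describes. It would also help to state when the connection is needed (at key creation, when the attestation is produced) if that is the case. Minor style point: the opener is written `!!!info inline end` without a space, while app.md uses `!!! abstract winline end "Legend"`; use `!!! info inline end` for consistency.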