diff --git a/CHANGES b/CHANGES
index 0dfccf9909..00b38757d8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5.2.0-dev.393 | 2022-11-30 09:42:00 -0800
+
+ * GH-846: Expand Conn::Info$duration comment to clarify TCP end-of-connection handling (Christian Kreibich, Corelight)
+
 5.2.0-dev.391 | 2022-11-30 15:37:57 +0000
 
 * script optimization fixes: (Vern Paxson, Corelight)
diff --git a/VERSION b/VERSION
index 3564dfdf7a..3fa624ba13 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-5.2.0-dev.391
+5.2.0-dev.393
diff --git a/scripts/base/protocols/conn/main.zeek b/scripts/base/protocols/conn/main.zeek
index b47164ff6c..1e2ff41216 100644
--- a/scripts/base/protocols/conn/main.zeek
+++ b/scripts/base/protocols/conn/main.zeek
@@ -30,8 +30,16 @@ export {
 ## An identification of an application protocol being sent over
 ## the connection.
 service: string &log &optional;
- ## How long the connection lasted. For 3-way or 4-way connection
- ## tear-downs, this will not include the final ACK.
+ ## How long the connection lasted.
+ ##
+ ## .. note:: The duration doesn't cover trailing "non-productive"
+ ## TCP packets (i.e., ones not contributing new stream payload)
+ ## once a direction is closed. For example, for regular
+ ## 3-way/4-way connection tear-downs it doesn't include the
+ ## final ACK. The reason is largely historic: this approach
+ ## allows more accurate computation of connection data rates.
+ ## Zeek does however reflect such trailing packets in the
+ ## connection history.
 duration: interval &log &optional;
 ## The number of payload bytes the originator sent. For TCP
 ## this is taken from sequence numbers and might be inaccurate
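Review bot: The expanded note on `duration` in scripts/base/protocols/conn/main.zeek still leaves the practical consequence implicit: because trailing tear-down packets are excluded, the record's start timestamp plus `duration` is not the time of the last packet Zeek saw for the connection, which matters to anyone correlating conn.log with pcaps, firewall logs or other timestamped sources. A closing line such as `## Consequently, ``ts`` plus ``duration`` may predate the last packet observed for the connection.` would make that explicit. The last sentence would also read better if it named the field it points to, e.g. `## connection history (see the ``history`` field).`, since that field is defined outside this hunk. The enclosing record definition starts and ends outside the hunk.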