DTLS Reordering: Improve doc of MBEDTLS_SSL_DTLS_MAX_BUFFERING

commit: 280075104e64a326985417c1e3f7dc4658586c8c [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Tue Aug 28 09:46:44 2018 +0100
committer: Hanno Becker <hanno.becker@arm.com> Tue Aug 28 09:46:44 2018 +0100
tree: 5c85a66f0d5d567a5930f266a0fbeff0f376abb3
parent: 159a37f75dc1db92f32fc86259cf8a0f0afc55f8 [diff] [blame]
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1cdff71..70770de 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h

@@ -3015,6 +3015,15 @@
  * Maximum number of heap-allocated bytes for the purpose of
  * DTLS handshake message reassembly and future message buffering.
  *
+ * This should be at least 9/8 * MBEDTLSSL_MAX_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_MAX_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
  */
 //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING             32768
commit	280075104e64a326985417c1e3f7dc4658586c8c	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Tue Aug 28 09:46:44 2018 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Tue Aug 28 09:46:44 2018 +0100
tree	5c85a66f0d5d567a5930f266a0fbeff0f376abb3
parent	159a37f75dc1db92f32fc86259cf8a0f0afc55f8 [diff] [blame]