DTLS Reordering: Improve doc of MBEDTLS_SSL_DTLS_MAX_BUFFERING
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 1cdff71..70770de 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3015,6 +3015,15 @@
* Maximum number of heap-allocated bytes for the purpose of
* DTLS handshake message reassembly and future message buffering.
*
+ * This should be at least 9/8 * MBEDTLSSL_MAX_IN_CONTENT_LEN
+ * to account for a reassembled handshake message of maximum size,
+ * together with its reassembly bitmap.
+ *
+ * A value of 2 * MBEDTLS_SSL_MAX_IN_CONTENT_LEN (32768 by default)
+ * should be sufficient for all practical situations as it allows
+ * to reassembly a large handshake message (such as a certificate)
+ * while buffering multiple smaller handshake messages.
+ *
*/
//#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768