diff --git a/configure.ac b/configure.ac
index 91868887d..f086fc2db 100644
--- a/configure.ac
+++ b/configure.ac
@@ -179,7 +179,7 @@ ENABLED_CERTS="no"
 # Implements requirements from RFC9325
 AC_ARG_ENABLE([harden-tls],
- [AS_HELP_STRING([--enable-harden-tls],[Enable requirements from RFC9325. Possible values are , <112>, or <128> (default: disabled)])],
+ [AS_HELP_STRING([--enable-harden-tls],[Enable requirements from RFC9325. Possible values are , <112>, or <128>. is equivalent to <112>. (default: disabled)])],
 [ ENABLED_HARDEN_TLS=$enableval ],
 [ ENABLED_HARDEN_TLS=no ]
 )
diff --git a/src/internal.c b/src/internal.c
index 5e30694b4..6b63d0dc0 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -79,6 +79,10 @@
 * by default.
 * https://www.rfc-editor.org/rfc/rfc8446#section-5.5
 * https://www.rfc-editor.org/rfc/rfc9147.html#name-aead-limits
+ * WOLFSSL_HARDEN_TLS
+ * Implement the recommendations specified in RFC9325. This macro needs to
+ * be defined to the desired amount of bits of security. The currently
+ * implemented values are 112 and 128 bits.
 */