diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 085f40a8f..834cced87 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -2158,6 +2158,10 @@
  * The CTR_DRBG generator uses AES-256 by default.
  * To use AES-128 instead, enable \c MBEDTLS_CTR_DRBG_USE_128_BIT_KEY above.
  *
+ * \note To achieve a 256-bit security strength with CTR_DRBG,
+ *       you must use AES-256 *and* use sufficient entropy.
+ *       See ctr_drbg.h for more details.
+ *
  * Module:  library/ctr_drbg.c
  * Caller:
  *