Index: options.pptp
===================================================================
RCS file: /cvsroot/pptpclient/pptp-linux/options.pptp,v
retrieving revision 1.3
diff -u -r1.3 options.pptp
--- options.pptp	26 Mar 2006 23:11:05 -0000	1.3
+++ options.pptp	30 Aug 2012 12:38:36 -0000
@@ -33,17 +33,25 @@
 
 # Encryption
 # (There have been multiple versions of PPP with encryption support,
-# choose with of the following sections you will use.  Note that MPPE
+# choose which of the following sections you will use.  Note that MPPE
 # requires the use of MSCHAP-V2 during authentication)
+#
+# Note that using PPTP with MPPE and MSCHAP-V2 should be considered
+# insecure:
+# http://marc.info/?l=pptpclient-devel&m=134372640219039&w=2
+# https://github.com/moxie0/chapcrack/blob/master/README.md
+# http://technet.microsoft.com/en-us/security/advisory/2743314
 
 # http://ppp.samba.org/ the PPP project version of PPP by Paul Mackarras
 # ppp-2.4.2 or later with MPPE only, kernel module ppp_mppe.o
+# If the kernel is booted in FIPS mode (fips=1), the ppp_mppe.ko module
+# is not allowed and PPTP-MPPE is not available.
 # {{{
 # Require MPPE 128-bit encryption
 #require-mppe-128
 # }}}
 
-# http://polbox.com/h/hs001/ fork from PPP project by Jan Dubiec
+# http://mppe-mppc.alphacron.de/ fork from PPP project by Jan Dubiec
 # ppp-2.4.2 or later with MPPE and MPPC, kernel module ppp_mppe_mppc.o
 # {{{
 # Require MPPE 128-bit encryption