diff --git a/CHANGELOG.md b/CHANGELOG.md
index b30bfa2..e262809 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Add support for the `largeBlobKey` extension ([#18][])
 - Remove `AuthenticatorDataFlags::EMPTY` (use `AuthenticatorDataFlags::empty()` instead)
 - Allow missing algorithms in COSE keys ([#8][])
+- Remove unused `REALISTIC_MAX_MESSAGE_SIZE` constant
 
 [#8]: https://github.com/trussed-dev/ctap-types/pull/8
 [#9]: https://github.com/solokeys/ctap-types/issues/9
diff --git a/Cargo.toml b/Cargo.toml
index 66fae2d..525536b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -32,6 +32,9 @@ quickcheck = "1.0.3"
 serde = { version = "1" }
 
 [features]
+# enables support for implementing the large-blobs extension, see src/sizes.rs
+large-blobs = []
+
 log-all = ["cbor-smol/log-all"]
 log-none = []
 
diff --git a/src/sizes.rs b/src/sizes.rs
index 06b1419..8b440ff 100644
--- a/src/sizes.rs
+++ b/src/sizes.rs
@@ -24,4 +24,13 @@ pub const THEORETICAL_MAX_MESSAGE_SIZE: usize = PACKET_SIZE - 7 + 128 * (PACKET_
 
 /// Max length for a large blob fragment, according to
 /// https://fidoalliance.org/specs/fido-v2.1-ps-20210615/fido-client-to-authenticator-protocol-v2.1-ps-20210615.html#largeBlobsRW
-pub const LARGE_BLOB_MAX_FRAGMENT_LENGTH: usize = 1200 - 64;
+///
+/// This constant determines the buffer size in [`ctap2::large_blobs::Response`][].  Ideally, this
+/// would be configurable.  Currently, this is not possible.  To keep the stack usage low if the
+/// extension is not used, this constant defaults to zero. For compatibility with the max message
+/// size in usbd-ctaphid (used by solo2 and nitrokey-3-firmware), it is set to 3072 - 64 =
+/// 3008 if the `large-blobs` feature is enabled.
+#[cfg(not(feature = "large-blobs"))]
+pub const LARGE_BLOB_MAX_FRAGMENT_LENGTH: usize = 0;
+#[cfg(feature = "large-blobs")]
+pub const LARGE_BLOB_MAX_FRAGMENT_LENGTH: usize = 3008;