diff --git a/bind.keys b/bind.keys
index 7ed690e4d3..db22d4bc03 100644
--- a/bind.keys
+++ b/bind.keys
@@ -53,11 +53,12 @@ managed-keys {
                 QxA+Uk1ihz0=";
 
         # This key (20326) is to be published in the root zone in 2017.
-        # Servers which were already using the old key should roll to the
-        # new # one seamlessly.  Servers being set up for the first time
-        # can use either of the keys in this file to verify the root keys
-        # for the first time; thereafter the keys in the zone will be
-        # trusted and maintained automatically.
+        # Servers which were already using the old key (19036) should
+        # roll seamlessly to this new one via RFC 5011 rollover. Servers
+        # being set up for the first time can use the contents of this
+        # file as initializing keys; thereafter, the keys in the
+        # managed key database will be trusted and maintained
+        # automatically.
         . initial-key 257 3 8 "AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3
                 +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv
                 ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF
diff --git a/bind.keys.h b/bind.keys.h
index be40f1cffb..50d298cffc 100644
--- a/bind.keys.h
+++ b/bind.keys.h
@@ -54,11 +54,12 @@ trusted-keys {\n\
                 QxA+Uk1ihz0=\";\n\
 \n\
         # This key (20326) is to be published in the root zone in 2017.\n\
-        # Servers which were already using the old key should roll to the\n\
-        # new # one seamlessly.  Servers being set up for the first time\n\
-        # can use either of the keys in this file to verify the root keys\n\
-        # for the first time; thereafter the keys in the zone will be\n\
-        # trusted and maintained automatically.\n\
+        # Servers which were already using the old key (19036) should\n\
+        # roll seamlessly to this new one via RFC 5011 rollover. Servers\n\
+        # being set up for the first time can use the contents of this\n\
+        # file as initializing keys; thereafter, the keys in the\n\
+        # managed key database will be trusted and maintained\n\
+        # automatically.\n\
         . 257 3 8 \"AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3\n\
                 +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv\n\
                 ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF\n\
@@ -125,11 +126,12 @@ managed-keys {\n\
                 QxA+Uk1ihz0=\";\n\
 \n\
         # This key (20326) is to be published in the root zone in 2017.\n\
-        # Servers which were already using the old key should roll to the\n\
-        # new # one seamlessly.  Servers being set up for the first time\n\
-        # can use either of the keys in this file to verify the root keys\n\
-        # for the first time; thereafter the keys in the zone will be\n\
-        # trusted and maintained automatically.\n\
+        # Servers which were already using the old key (19036) should\n\
+        # roll seamlessly to this new one via RFC 5011 rollover. Servers\n\
+        # being set up for the first time can use the contents of this\n\
+        # file as initializing keys; thereafter, the keys in the\n\
+        # managed key database will be trusted and maintained\n\
+        # automatically.\n\
         . initial-key 257 3 8 \"AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3\n\
                 +/4RgWOq7HrxRixHlFlExOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kv\n\
                 ArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF\n\