diff --git a/CHANGES b/CHANGES
index e06bf62a3b..1c69daab9b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,6 @@
+4975. [bug] The server cookie computation for sha1 and sha256 did
+ not match the method described in RFC 7873. [GL #356]
+
 4974. [bug] Restore default rrset-order to random. [GL #336]
 
 4973. [func] verifyzone() and the functions it uses were moved to
diff --git a/lib/ns/client.c b/lib/ns/client.c
index ad5f492d82..e0aa915c7b 100644
--- a/lib/ns/client.c
+++ b/lib/ns/client.c
@@ -1851,8 +1851,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
 INSIST(0);
 }
 isc_hmacsha1_update(&hmacsha1, cp, length);
- isc_hmacsha1_update(&hmacsha1, client->cookie,
- sizeof(client->cookie));
 isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest));
 isc_buffer_putmem(buf, digest, 8);
 isc_hmacsha1_invalidate(&hmacsha1);
@@ -1888,8 +1886,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
 INSIST(0);
 }
 isc_hmacsha256_update(&hmacsha256, cp, length);
- isc_hmacsha256_update(&hmacsha256, client->cookie,
- sizeof(client->cookie));
 isc_hmacsha256_sign(&hmacsha256, digest, sizeof(digest));
 isc_buffer_putmem(buf, digest, 8);
 isc_hmacsha256_invalidate(&hmacsha256);