diff --git a/CHANGES b/CHANGES index 096db9f8f5..f3ee05567d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,9 +1,15 @@ +5681. [func] Relax the "zone_cdscheck" function to allow CDS and + CDNSKEY records in the zone that do not match an + existing DNSKEY record, so long as the algorithm + does match. This allows a clean rollover from one + provider to another in a multi-signer DNSSEC + configuration. [GL #2710]. + 5680. [bug] Fix a crash in DoH code caused by GET requests without query strings. [GL !5268] 5679. [bug] Disable setting the thread affinity. [GL #2822] - 5678. [bug] The "check DS" code failed to release all resources upon named shutdown when a refresh was in progress. This has been fixed. [GL #2811] diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index 4a1586c40e..500c89b43d 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -64,6 +64,12 @@ Feature Changes that incorrectly echo back the query message with the RCODE field set to FORMERR and the QR bit set to 1. :gl:`#2249` +- CDS and CDNSKEY records may now be published in a zone without the + requirement that they exactly match an existing DNSKEY record, so long + the zone is signed with an algorithm represented in the CDS or CDNSKEY + record. This allows a clean rollover from one DNS provider to another + when using a multiple-signer DNSSEC configuration. :gl:`#2710` + Bug Fixes ~~~~~~~~~
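Review bot: the single `-` line in the CHANGES hunk deletes the blank line separating entries 5679 and 5678, which looks unintended since every other entry in the visible context is separated by a blank line; restore it. Also, the new 5681 entry closes with "[GL #2710]." where the neighbouring entries end with a bare tag ("[GL !5268]", "[GL #2822]"); drop the trailing period to match.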
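Review bot: the release note in notes-current.rst reads "so long the zone is signed" and is missing "as" ("so long as the zone is signed"). Its condition, "an algorithm represented in the CDS or CDNSKEY record", is also looser than the CHANGES text, which says the algorithm must match an existing DNSKEY; stating that the CDS/CDNSKEY algorithm has to match the algorithm of a DNSKEY already present in the zone would make clear to operators that the relaxed check still rejects CDS/CDNSKEY records for an algorithm the zone is not signed with.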