From aa5506eda809dfd25b4e1ee6edb5285a77958d2c Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Thu, 28 Apr 2016 00:28:23 -0700
Subject: [PATCH] [master] update README

---
 CHANGES | 6 +++---
 README  | 3 +++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index 31883339ca..f96f8f2854 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,12 +1,12 @@
-4349.   [contrib]       kasp2policy: A python script to create a DNSSEC
-                        policy file from an OpenDNSSEC KASP XML file.
+4349.	[contrib]	kasp2policy: A python script to create a DNSSEC
+			policy file from an OpenDNSSEC KASP XML file.
 
 4348.	[func]		dnssec-keymgr: A new python-based DNSSEC key
 			management utility, which reads a policy definition
 			file and can create or update DNSSEC keys as needed
 			to ensure that a zone's keys match policy, roll over
 			correctly on schedule, etc.  Thanks to Sebastian
-                        Castro for assistance in development. [RT #39211]
+			Castro for assistance in development. [RT #39211]
 
 4347.	[port]		Corrected a build error on x86_64 Solaris. [RT #42150]
 
diff --git a/README b/README
index 61c808cf03..11d4e934bf 100644
--- a/README
+++ b/README
@@ -76,6 +76,9 @@ BIND 9.11.0
 	    Unlike "fetches-per-server", this value is not self-tuning.)
 	  + New stats counters have been added to count
 	    queries spilled due to these quotas.
+	- Added a new "dnssec-keymgr" key mainenance utility, which can
+	  generate or update keys as needed to ensure that a zone's
+	  keys match a defined DNSSEC policy.
 	- The experimental "SIT" feature in BIND 9.10 has been renamed
 	  "COOKIE" and is no longer optional. EDNS COOKIE is a mechanism
 	  enabling clients to detect off-path spoofed responses, and