diff --git a/doc/arm/Bv9ARM.ch05.html b/doc/arm/Bv9ARM.ch05.html
index 21051d1cad..b59c4b33fe 100644
--- a/doc/arm/Bv9ARM.ch05.html
+++ b/doc/arm/Bv9ARM.ch05.html
@@ -10582,7 +10582,8 @@ example.com. NS ns2.example.net.
                         <em class="replaceable"><code>identity</code></em> field.
                         The <em class="replaceable"><code>name</code></em> field
                         is ignored, but should be the same as the
-                        <em class="replaceable"><code>identity</code></em> field.
+                        <em class="replaceable"><code>identity</code></em> field or
+                        "."
                         The <code class="varname">self</code> nametype is
                         most useful when allowing using one key per
                         name to update, where the key has the same
@@ -10634,7 +10635,7 @@ example.com. NS ns2.example.net.
                         and converts it machine.realm allowing the machine
                         to update machine.realm.  The REALM to be matched
                         is specified in the <em class="replaceable"><code>identity</code></em>
-                        field.
+                        field.  The name field should be set to "."
                       </p>
                     </td>
 </tr>
@@ -10668,7 +10669,7 @@ example.com. NS ns2.example.net.
                         and converts it machine.realm allowing the machine
                         to update machine.realm.  The REALM to be matched
                         is specified in the <em class="replaceable"><code>identity</code></em>
-                        field.
+                        field. The name field should be set to "."
                       </p>
                     </td>
 </tr>
@@ -10685,7 +10686,8 @@ example.com. NS ns2.example.net.
                         converts it to machine.realm allowing the machine
                         to update subdomains of machine.realm.  The REALM
                         to be matched is specified in the
-                        <em class="replaceable"><code>identity</code></em> field.
+                        <em class="replaceable"><code>identity</code></em> field. The
+                        name field should be set to "."
                       </p>
                     </td>
 </tr>
@@ -10700,7 +10702,8 @@ example.com. NS ns2.example.net.
                         Allow updates that have been sent via TCP and
                         for which the standard mapping from the initiating
                         IP address into the IN-ADDR.ARPA and IP6.ARPA
-                        namespaces match the name to be updated.
+                        namespaces match the name to be updated.  The
+                        name field should be set to "."
                       </p>
                       <div class="note" style="margin-left: 0.5in; margin-right: 0.5in;">
 <h3 class="title">Note</h3>
diff --git a/doc/arm/Bv9ARM.ch08.html b/doc/arm/Bv9ARM.ch08.html
index f18fcc5728..269746e4ae 100644
--- a/doc/arm/Bv9ARM.ch08.html
+++ b/doc/arm/Bv9ARM.ch08.html
@@ -82,7 +82,8 @@
   <div class="section">
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
-    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
+    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
 	<p>
 	  Addresses could be referenced after being freed during resolver
 	  processing, causing an assertion failure. The chances of this
@@ -90,7 +91,17 @@
 	  resolution increased them. This bug is disclosed in
 	  CVE-2017-3145. [RT #46839]
 	</p>
-      </li></ul></div>
+      </li>
+<li class="listitem">
+	<p>
+	  update-policy rules that otherwise ignore the name field now
+	  require that it be set to "." to ensure that any type list
+	  present is properly interpreted.  If the name field was omitted
+	  from the rule declaration and a type list was present it wouldn't
+	  be interpreted as expected.
+	</p>
+      </li>
+</ul></div>
   </div>
 
   <div class="section">
diff --git a/doc/arm/notes.html b/doc/arm/notes.html
index 4a1c80f3f3..00e4c747ce 100644
--- a/doc/arm/notes.html
+++ b/doc/arm/notes.html
@@ -44,7 +44,8 @@
   <div class="section">
 <div class="titlepage"><div><div><h3 class="title">
 <a name="relnotes_security"></a>Security Fixes</h3></div></div></div>
-    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem">
+    <div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
+<li class="listitem">
 	<p>
 	  Addresses could be referenced after being freed during resolver
 	  processing, causing an assertion failure. The chances of this
@@ -52,7 +53,17 @@
 	  resolution increased them. This bug is disclosed in
 	  CVE-2017-3145. [RT #46839]
 	</p>
-      </li></ul></div>
+      </li>
+<li class="listitem">
+	<p>
+	  update-policy rules that otherwise ignore the name field now
+	  require that it be set to "." to ensure that any type list
+	  present is properly interpreted.  If the name field was omitted
+	  from the rule declaration and a type list was present it wouldn't
+	  be interpreted as expected.
+	</p>
+      </li>
+</ul></div>
   </div>
 
   <div class="section">