1 files changed, 15 insertions, 4 deletions

diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 586b15a62d..798c34e87c 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,7 +1,18 @@
 ## Rails 4.0.0 (unreleased) ##
 
+*   Automatically configure cookie-based sessions to be encrypted if
+    `secret_key_base` is set, falling back to signed if only `secret_token`
+    is set. Automatically upgrade existing signed cookie-based sessions from
+    Rails 3.x to be encrypted if both `secret_key_base` and `secret_token`
+    are set, or signed with the new key generator if only `secret_token` is
+    set. This leaves only the `config.session_store :cookie_store` option and
+    removes the two new options introduced in 4.0.0.beta1:
+    `encrypted_cookie_store` and `upgrade_signature_to_encryption_cookie_store`.
+
+    *Trevor Turk*
+
 *   Ensure consistent fallback to the default layout lookup for layouts set
-    using symbols or procs that return nil.
+    using symbols or procs that return `nil`.
 
     All of the following layouts will result in the default layout lookup:
 
@@ -10,13 +21,13 @@
         layout proc { nil }
 
         layout :returns_nil
-
         def returns_nil
           nil
         end
 
-    Previously symbols and procs which returned nil resulted in no layout which
-    differed from the `layout nil` behavior.
+    Previously symbols and procs which returned `nil` resulted in no layout which
+    differed from the `layout nil` behavior. To get the "no layout" behavior just
+    return `false` instead of `nil` for `layout`.
 
     *Chris Nicola*