diff --git a/ChangeLog.d/mandatory-rng-param.txt b/ChangeLog.d/mandatory-rng-param.txt
index 4e04248fa..39ee33533 100644
--- a/ChangeLog.d/mandatory-rng-param.txt
+++ b/ChangeLog.d/mandatory-rng-param.txt
@@ -1,12 +1,14 @@
 API changes
-   * For all functions that take an RNG parameter, this parameter is now
-     mandatory (that is, NULL is not an acceptable value). Functions which
-     previously accepted NULL and now reject it are: the X.509 CRT and CSR
-     writing functions; the PK sign and decrypt function; the RSA encrypt,
-     decrypt, sign and private functions; the function in DHM and ECDH that
-     compute the share secret; the scalar multiplication functions in ECP.
+   * For all functions that take a random number generator (RNG) as a
+     parameter, this parameter is now mandatory (that is, NULL is not an
+     acceptable value). Functions which previously accepted NULL and now
+     reject it are: the X.509 CRT and CSR writing functions; the PK and RSA
+     sign and decrypt function; mbedtls_rsa_private(); the functions
+     in DHM and ECDH that compute the shared secret; the scalar multiplication
+     functions in ECP.
    * The following functions now require an RNG parameter:
      mbedtls_ecp_check_pub_priv(), mbedtls_pk_check_pair(),
      mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile().
+Removals
    * The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG has been removed as
      it no longer had any effect.
diff --git a/docs/3.0-migration-guide.d/mandatory-rng-param.md b/docs/3.0-migration-guide.d/mandatory-rng-param.md
index 3cbc35695..f6aba08b1 100644
--- a/docs/3.0-migration-guide.d/mandatory-rng-param.md
+++ b/docs/3.0-migration-guide.d/mandatory-rng-param.md
@@ -5,16 +5,20 @@ This change affects all users who called a function accepting a `f_rng`
 parameter with `NULL` as the value of this argument; this is no longer
 supported.
 
-The changed functions are: the X.509 CRT and CSR writing functions; the PK
-sign and decrypt function; the RSA encrypt, decrypt, sign and private
-functions; the functions in DHM and ECDH that compute the share secret; the
-scalar multiplication functions in ECP.
+The changed functions are: the X.509 CRT and CSR writing functions; the PK and
+RSA sign and decrypt functions; `mbedtls_rsa_private()`; the functions in DHM
+and ECDH that compute the shared secret; the scalar multiplication functions in
+ECP.
 
 You now need to pass a properly seeded, cryptographically secure RNG to all
 functions that accept a `f_rng` parameter. It is of course still possible to
 pass `NULL` as the context pointer `p_rng` if your RNG function doesn't need a
 context.
 
+Alternative implementations of a module (enabled with the `MBEDTLS_module_ALT`
+configuration options) may have their own internal and are free to ignore the
+`f_rng` argument but must allow users to pass one anyway.
+
 Some functions gained an RNG parameter
 --------------------------------------