diff --git a/man/knot.conf.5.in b/man/knot.conf.5.in
index 69f7ec416f2d21dff3482e13bb5ff5a38fbfcbd1..f00d5dfa92bee50eb94682b788f80a953b6e160e 100644
--- a/man/knot.conf.5.in
+++ b/man/knot.conf.5.in
@@ -270,9 +270,8 @@ serves as an example of the configuration for knotc(8) and knotd(8).
   # Default value: 30d (30 days or 2592000 seconds)
   # It is also possible to suffix with unit size [s/m/h/d]
   # f.e. 1s = 1 day, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
-  # The lower limit is because the server will trigger resign when any of the
-  # signatures expires in 7200 seconds or less and it was chosen as a 
-  # reasonable value with regard to signing overhead.
+  # The signatures are refreshed one tenth of the signature lifetime before
+  # the signature expiration (i.e., 3 days before by default)
   signature-lifetime 30d;
   
   # Serial policy after DDNS and automatic DNSSEC signing.
diff --git a/samples/knot.full.conf b/samples/knot.full.conf
index 9099c349bd67dc7c7462165062893e4c3fb95995..2dd5512e1ee8c94f872d9a2836e341fec75c4740 100644
--- a/samples/knot.full.conf
+++ b/samples/knot.full.conf
@@ -266,9 +266,8 @@ zones {
   # Default value: 30d (30 days or 2592000 seconds)
   # It is also possible to suffix with unit size [s/m/h/d]
   # f.e. 1s = 1 day, 1m = 1 minute, 1h = 1 hour, 1d = 1 day
-  # The lower limit is because the server will trigger resign when any of the
-  # signatures expires in less than 7200 seconds and it was chosen as a 
-  # reasonable value with regard to signing overhead.
+  # The signatures are refreshed one tenth of the signature lifetime before
+  # the signature expiration (i.e., 3 days before by default)
   # signature-lifetime 30d;
 
   # Serial policy after DDNS and automatic DNSSEC signing.