From fc6434b63e70bddbb909036fbec2aad8feb4ab47 Mon Sep 17 00:00:00 2001
From: Michael Merickel <michael@merickel.org>
Date: Sun, 29 Nov 2020 13:21:34 -0600
Subject: add a note and fix suggestions

---
 docs/whatsnew-2.0.rst | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'docs/whatsnew-2.0.rst')

diff --git a/docs/whatsnew-2.0.rst b/docs/whatsnew-2.0.rst
index d1f66707d..e97198b23 100644
--- a/docs/whatsnew-2.0.rst
+++ b/docs/whatsnew-2.0.rst
@@ -144,6 +144,13 @@ Deprecations
 Upgrading Authentication/Authorization
 --------------------------------------
 
+.. note::
+    It's important to note that the principal and ACL features within :app:`Pyramid` are not going away, nor deprecated, nor removed.
+    Most ACL features are deprecated in their current locations and moved into the :mod:`pyramid.authorization` module.
+    The main change is that they are now more optional than before and modifications were made to make the top-level APIs less opinionated as well as simpler.
+
+:app:`Pyramid` provides a simple set of APIs for plugging in allowed/denied semantics in your application.
+
 The authentication and authorization policies of Pyramid 1.x have been merged into a single :term:`security policy` in Pyramid 2.0.
 Authentication and authorization policies can still be used and will continue to function normally, however they have been deprecated and support may be removed in upcoming versions.
 
-- 
cgit v1.2.3