diff --git a/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md b/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md
new file mode 100644
index 0000000000..12f7c2385e
--- /dev/null
+++ b/docs/3.0-migration-guide.d/remove-truncated-HMAC-extension.md
@@ -0,0 +1,10 @@
+Remove the truncated HMAC extension
+-----------------------------------
+
+This affects all users who use the truncated HMAC extension for cryptographic
+operations.
+
+The config option `MBEDTLS_SSL_TRUNCATED_HMAC` has been removed. Users concerned
+about overhead are better served by using any of the CCM-8 ciphersuites rather
+than a CBC ciphersuite with truncated HMAC, and so going forward this must be
+the approach taken.