diff --git a/CHANGES b/CHANGES
index 97ebc9f6c8..d5603fca4d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+5561.	[bug]		KASP incorrectly set signature validity to the value
+			of the DNSKEY signature validity. This is now fixed.
+			[GL #2383]
+
 5560.	[func]		The default value of "max-stale-ttl" has been changed
 			from 12 hours to 1 day and the default value of
 			"stale-answer-ttl" has been changed from 1 second to
diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst
index 60cd4d2ed5..eec08c3a79 100644
--- a/doc/notes/notes-current.rst
+++ b/doc/notes/notes-current.rst
@@ -65,3 +65,6 @@ Bug Fixes
 
 - Prevent rbtdb instances being destroyed by multiple threads at the same
   time. This can trigger assertion failures. [GL #2355]
+
+- KASP incorrectly set signature validity to the value of the DNSKEY signature
+  validity. This is now fixed. [GL #2383]
diff --git a/lib/dns/kasp.c b/lib/dns/kasp.c
index fc98a6c7cd..5a0cd30286 100644
--- a/lib/dns/kasp.c
+++ b/lib/dns/kasp.c
@@ -184,7 +184,7 @@ dns_kasp_setsigvalidity_dnskey(dns_kasp_t *kasp, uint32_t value) {
 	REQUIRE(DNS_KASP_VALID(kasp));
 	REQUIRE(!kasp->frozen);
 
-	kasp->signatures_validity = value;
+	kasp->signatures_validity_dnskey = value;
 }
 
 dns_ttl_t