A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@bluetooth.com
Contact: https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/
Encryption: https://www.bluetooth.com/learn-about-bluetooth/bluetooth-technology/bluetooth-security/reporting-security/pgp-key/
Preferred-Languages: en
Canonical: https://www.bluetooth.com/.well-known/security.txt
Expires: 28 June 2031 00:00:00 -0700
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEE/Of2TsbvOwsMnZcWlXbEUKGC81EFAmEKrNgACgkQlXbEUKGC
81GejAv+M/HOPBvrvF91ozKgviG8ngkP6+k25M0c0iMM/+ayUdyCefQxOMBRRHSc
P57Ilx5ZfijfPDO+PsnO+SKqcCrBwBtakjhXKQ93rK7UnRNPJdkdb4c9ubJr9tRv
9l2ebD8ZpfO3O4iA2fGo/Fl6PzvyVCNK2zScq2YSuChTghe6OvagUrxoikQJ3v+1
1P+FAQnJJSLq++yGWOM2H4GlBjuzs+9le0gdRtBBtJe1M0ft45qV6G3oNetoM5C/
MQmx6q6+/Yw0eRXaFVqO2d81FYvyLlJOIUNTJhgBtsL+HuHUZf/cdEiwSCu8qOxN
69TXfw0QqHtS77dNiUjQMKQ0bWdnJARFe1yfQM40kwidZwOF78xUaNR21KVra2go
/n/L8RcyWnxjkiAzGQfXaQdpb1NrL9NOOCFksxjtWiQylalBGLqFRyoaebaKzbEW
ZF9enShy5oBh2VWsonWyOzxieQvUmQa9vEV8n3fk0BmAkWc6lWAOSvmH4R6STNN1
fG4NBSgk
=eEjV
-----END PGP SIGNATURE-----