A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:hosting@lico.nl
Encryption: https://lico.nl/pgp-key.txt
Preferred-Languages: nl, en
Canonical: https://lico.nl/.well-known/security.txt
Expires: 2026-12-31T23:59:59Z
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5AJzLGFlWXqx5Bdc/aNX0Tez/+AFAmilydIACgkQ/aNX0Tez
/+Cttg//dVj2LxvU3c+K49OUHdPSRRAmkqREbhyG96jamTKKsY9sVfc/PYfJLCV2
QlNVJAqrngkxWgxjvKMPG7XJ2EmF4CuGWIX0I6JYQWqK1YIR/AugvF6byKCmPf5e
dB9+jtz8TFF6QpcVgl4WFCb33/5aSSERYZWM7BVSQEV3QAVQRG5iJp/eYUFHjJpK
I54q4gqH+NkA+GpaRYyWIIEqxfeKcI+5e3GqD7t0ymg2nIh1b8/Jfi7c9GjNfqXH
IRtvefwXwkDO+YEJmn2Tqta3B6S5Z8TsYJTUsCe5Nnr+hs5ddy5BTNRN5/q4RjU7
XX5jOsvZjcDb1m1+gw1MPHlGXxptRX8qZJgzJWOyJYtJ5Gi8VVviVGa/z6KBLU41
bjo3OrOeIZ087vVoPJ+/BukDmZHgGyGroG9DYzb8OJAaSIyYry7m+ljvPRuEgyGx
OEBK46LzIbW+pK0ATOko/xt4KxnNhJ3D8tqCN3hF4r+97p9gPHI3/rSjVjGVruyB
Hks/TJQmvAaD7P3klx4OIyNGnZort3VPFkd0PxXdgTeIFwW8dGNWJyNT5EhQGTKo
gXacHNQC6FC0p2LiRCgCnVBKfz+Ep/eMG7s8Fof91eZNIiz/2j4nAV0+GfEATbQC
Ckp+a0gPDKKzSZoC1+QmbVaadgzqRMM5kkOnHvinAhqyqp7npac=
=WEbh
-----END PGP SIGNATURE-----