A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an origanisation will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifable via a simple way, a security.txt notice.

# Our general contact form
Contact: <a href='https://gentlent.help/requests/new'>https://gentlent.help/requests/new</a>

# Our PGP key
Encryption: <a href='https://keybase.io/tomklein/pgp_keys.asc'>https://keybase.io/tomklein/pgp_keys.asc</a>

# Our languages
Preferred-Languages: en, de

Canonical: <a href='https://www.gentlent.com/.well-known/security.txt'>https://www.gentlent.com/.well-known/security.txt</a>