A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://hattink.com/.well-known/security.txt

# Our security address
Contact: mailto:hostmaster@wait4it.cyou

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: openpgp4fpr:407B6A3B9CBAC6FE156A0BE54BF247D24ECADAA7

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-06-01T04:24:21Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQHtqO5y6xv4VagvlS/JH0k7K2qcFAmg71fYACgkQS/JH0k7K
2qditQ/6Akwcu4xC6ygjJm7LGzkvExseh/td+U+Mx0UtEZwFmVYPPeWxEVYkTzDM
GYvqw+t42ARiajNSxXAZbzPcNTbLnWMKk0fw8q/BhN1xoq3j6oUbv+LTC8h4yIsx
Ym6pbWXM3RcC6KZ7+SAbU6hDS12m3otrpEy8w+XCTZGorBRwVp600rDXQ8og/Dap
tp/3F2oxmWyYxJdvSj85zmhZdoezGlM+gceeWit024BKu/RjqTHLNE8327iNHYL8
Fs993nTpdkt01Q25QtyPjhiKlDLXKXgStQlpsMR806xdmLBiDY4sGHR59QmcJ7ML
DDkHnguZNQUcPwu84HNWKqEnz2ukfidqX/0X3xwEYq4D96I2qGixsj1F5ZRxHj+Z
7/BiNvq7/vjKXkbwd0gl6g5RGtLpzPvxiZyjIo4c04YWt5hj8yXxtxvO0RZ0uXxZ
+6QcQKuKaptq1NEl/Kx7AkZ2oRbpgKpGyOspUAUYjS3+zY6cw3BNFSG7z8ZVoUhA
7slI5I7mR2oHZhHloK2aA+kYrh59RmjW2ZjbX51cRkrYXJrB/9ULBsPt8QzQz/wX
oFy0EDWBGH7/zcgRNULlfSslbtHq0/zCB8asExwIQUyXWnCCF38Zik4Ms/gUFADp
IxA6nWF0q6b2eQEKDwKcFxX/ezmjqXe/wC+u9/7Gi/dr1XiccZA=
=uWlT
-----END PGP SIGNATURE-----