A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://hattink.com/.well-known/security.txt

# Our security address
Contact: mailto:hostmaster@wait4it.cyou

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: openpgp4fpr:407B6A3B9CBAC6FE156A0BE54BF247D24ECADAA7

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-07-12T03:42:53Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEQHtqO5y6xv4VagvlS/JH0k7K2qcFAmhx2b4ACgkQS/JH0k7K
2qcSNg/7BL1QCWf7ibSoj4kR684gMZlva/AiOOLsgW9T8br99GA4woIzc/cU4n8c
QlexXU70c0VcjjXKVBc1FcsHdj5ID2DddPkgSTiBWW847ES/kliBLA/IIFkuREMl
VCRMIvRyJqJL/EADDA/mfCzfsZiNr19rDmZ9J+I5Td8WLcLViGEmMtFsQfz84Znp
R7I25g7CNrL5ubXfXNO8WEdIzz+gsYCon/tkLlwpQBBw4zwR2/k07MG9/Gyom0j4
LbRxjtZPd4XyxEs3Es7f0w7C6GNJg5hnOdsStFsombO2grMLWfT23I1pjuWbyeaF
Pou8ViAD5dd9EsAZg67ncfSV6Qp6RZjPWCimxJ9d3hAkCIp7Bi47lZJAQTPJw6Ej
KABXCUyos1u5rorV2XF49fK1i1dz61UMMZ0wbXkbQ7QsWj+akAaR+eKv/SkjPgrN
fF5xgP4zmooIO9+OQILQVITbxPj3AzuQ9KRqS3N+BwHwCEPB3RD0WjbkDmUfHupy
P0oDFqKyvd/HRr8I9MBzRfrsPvpHp+9xXyoUIL/p2HFW1G6nC4fgLr2KfaSEZgFM
Q+57CtJLKo6lAdc/CqbcCnumEj20Xw3W/oJJUuZky2aZ1DYLVK3rfZLSVk4HAgSl
MZMb6x6bAlQDNWFmgJ+XiF3z4XZ8Tux9YJo0fRRJQi+XGLmWapk=
=PM9b
-----END PGP SIGNATURE-----