A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://phyto5.nu/.well-known/security.txt
Contact: mailto:security@isaeus.nl
Preferred-Languages: en,nl
Encryption: https://isaeus.nl/pgp-key.txt
Expires: 2026-03-17T22:39:14Z

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEJKZYhMDk9HcLcYvO3hipuwbh0DEFAmfYpJIACgkQ3hipuwbh
0DGaAAv/c+4/EY/YNuNNqOttGWpyJT0MxeblV26NWZZSdE1yo8XdnBdQgT/jD0Tu
1T6bVizG7R62B1pfBHurodkL8kYHn2sE3BciPbP3tm/os7Ah6Ve/lLroi9doUqZO
xRJRXWMf6h2BiIu4HoGBl320yeH8hIIRG0tL02rDJDD5GRhSvDHP0zyr4LIAQSbv
A1R3b8qjPDymD7Hk2cPxl7ZvRXYa01uw2QQPmJwgoVHT5E2ZK6RaOh2s3vA8zvT7
SwloSfKjAeGI1edNWWurR8l3lWvWI0Q2rF8HAHfhbvXTC3NeOfqyDlyqI0N9Q4I9
9QWiJDH4vkMpYzxElR/wqcJCWJbeeZCZMNEnqdW3aXDEZst759KhjGsA37sgAMmd
QNXMmiy5/5oMwvZqcPH6ki48DuT3ZdO8q5q/Ivx/S2NpWRUutH8SETPxPmYs1dy5
zPURKvtmtxCWNfiv3aSAnKkTNrzBTvKeR56XQED5qx2QM9J9f3bBedfPJw2RzmLs
7OOSP4mj
=xw+Q
-----END PGP SIGNATURE-----