A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

########################################################
# If you would like to report a security issue
# you may report it to us:
########################################################
Contact: https://gitlab.adullact.net/Comptoir/Comptoir-srv
Contact: https://comptoir-du-libre.org/pages/contact


########################################################
# security.txt is currently an Internet draft
# that has been submitted for RFC review.
#   https://securitytxt.org/
#   https://github.com/securitytxt/security-txt
#   https://tools.ietf.org/html/draft-foudil-securitytxt
########################################################