A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

#  _____ _______  ____   _______  __ ____
#  \__  \\_  __ \/    \ /  _ \  \/ // __ \ 
#   / __ \|  | \/   |  (  <_> )   /\  ___/ 
#  (____  /__|  |___|  /\____/ \_/  \___  >
#       \/ RFC 9116  \/  security.txt   \/ 


# Canonical URL
Canonical: https://www.arnove.net/.well-known/security.txt

# Expiration date
Expires: 2024-05-01T00:00:00.000Z

# Languages
Preferred-Languages: fr, en

# Security contact address
Contact: https://www.arnove.net/contact/

# OpenPGP key
Encryption: https://www.arnove.net/security/pgp-key.txt