A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:security@falcoz.net
Contact: https://matrix.to/#/@oyapok:envs.net
Expires: 2026-03-28T23:59:00.000Z
Encryption: data:application/x-age-public-key,age182ltvsdvapcm5f3gcfgesa43kzqkvhsw7tflva875su2jkaqgyxs3g55jm
Preferred-Languages: en, fr
Canonical: https://falcoz.net/.well-known/security.txt

# Install minisign, a dead simple tool to sign files and verify digital signatures by Franck Denis from https://github.com/jedisct1/minisign or https://jedisct1.github.io/minisign/

# Download the minisign public key at https://falcoz.net/.well-known/falcoz.net.minisign.pub 

# Download the minisign signed file at https://falcoz.net/.well-known/security.txt.minisig

# Verify this file with the command [minisign -Vm security.txt -p falcoz.net.minisign.pub]