A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://unstrichbar.de/.well-known/security.txt
Contact: mailto:tobias.herzinger@gmail.com
Preferred-Languages: de, en
Encryption: https://keybase.io/saartire/pgp_keys.asc?fingerprint=506a1c442699bfa6f51281d13aaa8a238b164860
Expires: 2026-01-01T00:00:00Z
-----BEGIN PGP SIGNATURE-----
Version: Keybase OpenPGP v2.1.13
Comment: https://keybase.io/crypto

wsFcBAABCgAGBQJnn17HAAoJEItuW1JiKwJpB+gQAKhxRKAB0lXbM8bmQnWiqKhh
5kgFHy+ffmNHSfdAwwNDd55ZGH4SKcq4wz7RGF68jAO3n/J98IIzRMxcFO8+Iji1
7Oor+xsZrcfkNX+2r+yJarPic+qwZPpE6WgvK8ZWK/zRsseEaM9KhaQM4WcVhrmH
yF1l7CmfLB/7eA54SFvc4b86iOClBgjy4j5mB89WqwNLNQgo7CeC9RPhJejzLiFT
UyeOdBhKqaCM4XMB2tXllAfoMxdjVtqrfpcx2gTxx8qaakuz0MqpYaeJAGbuYnHD
576sFJJK1+UDl04cziWJg0ZRinoCyta3aRO3fGmmUBJjcC8qOfvQTUVuqArcqOv8
vsjtU4lBYCwDcOnYlUlf/AtSDl21Nfa+9yvWcf1OyGbAHnvh1hy0afrnGkgYihfb
h4aXq26FoNtHzRb14tKIFwBeGNXAMd4WFotXF4utAvj9uHl/ilKjB2bM2GvUhGH4
ctOXRHO8H/JBxDGbPA0vlfI+B1DIi0vmDuzYjGoyhRno/laNEvQcxLoMjRrtf82S
5RBK5JnqiIfUZJsz/eZbZT7pZIoW02xSVsA9BKmYEhpWxBj7zIQIOAZ43VU6SjLI
Bl4No7mSX4yWBxGdGiMZdPsZsQMmBkxSmoSkYDQeqwPBLr/aVqogdacy/QpHLSR5
y4nY71JDAqdHE0OBfcwh
=baN1
-----END PGP SIGNATURE-----