A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Generate a new signature for any changes to this file!

# Security Email address
Contact: mailto:security@spareroom.co.uk

# Contact page
Contact: https://www.spareroom.co.uk/contact.pl

OpenBugBounty: https://openbugbounty.org/bugbounty/Dev78241907/

# Encryption
# Encryption-key-user: Security SpareRoom <security@spareroom.co.uk>
# Encryption-key-ID: 25D014E7E24013B5
# Encryption-key-fingerprint: F931 D537 BB8B 687B 2B6A 35A7 25D0 14E7 E240 13B5

Encryption: https://www.spareroom.co.uk/pubkey.asc

# Signature of this file
Signature: https://www.spareroom.co.uk/.well-known/security.txt.sig

Preferred-Languages: en