A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# This project is based on the open-source framework hosted on https://github.com/rhergenreder/web-base
# Any non site-specific issues can be reported via the github security reporting feature:
# https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability
# or by contacting me directly: mail(at)romanh(dot)de

Canonical: https://romanh.de/.well-known/security.txt
Preferred-Languages: en, de
Expires: 2025-12-01T00:00:00+01:00

Contact: webmaster@romanh.de
Encryption: https://romanh.de/.well-known/gpg-key.txt