A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://mrcarwash.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-04-01T02:54:34Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAmlV7/oACgkQbER6wYJf
dlXGMA/6AnhmZEUAKyJvIrx50ABabzHRMltziIW59WJXP1dpoq3xKu3Z7Pu6/NsV
y89H2G+Z6zeDX5oQc5KU+/4DQQ6lGhVzYchOgqgKk49hggzuosnCaDwYCsfJdCN6
Uj/djjGQxrGq7n1hAVtYVWYPPNPtKL7Zc94FV1OsrEG+GAI3MWbTBjc83nNVMy0r
stxDuuH2526OJT0o9tmQzMtLZAmgwIYikVm7dKxh2xUJ8VjrH/W/YSwRZn5GSAFr
HHtLl6I7oDW7AMXRl1fL1aH41oTLdMIj7udz9MXbAGrP1/xgLTtrLiJMZ+Lp2Lpv
iIOtQR7/M9iOUjf4fjg5zYYV3CCeVqA7BADwOrpM+n6itKQQW04OQZxpyVZdFSqc
0MB/guenRkHtqk7ApPuCzYC/plIg2UC8v+fDC3BlDUUNig/X1U6WA/W8V/Vs7Uwg
8KbwdGEb3V7QsUDPjMs3pDYDTVlxt/ydwWnpnG3PxJ95Am7CpCIabcsiy+NWfWAC
zQZR+c87zXRxVDzB5sJbA5cxcFPsO3ip37k2y1REXP759LD5x8Zo4dMDzqhc6bJw
mklg97EGSoaxOtwr+0z3lTefNEbXSpSxL8nAS95/Lklcxh7ZJIgK74pLiKqV3umI
h1hzJi1wpYS7koT7X85+Li3ze7Q7dhc/VAXw40FAmpRvXBc0/dA=
=UEff
-----END PGP SIGNATURE-----