A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Security.txt voor bloemen-mozaiek.nl
# Conform RFC 9116

Contact: mailto:info@bloemen-mozaiek.nl
Expires: 2026-03-18T06:16:22Z
Canonical: https://bloemen-mozaiek.nl/.well-known/security.txt
Canonical: https://www.bloemen-mozaiek.nl/.well-known/security.txt
Policy: https://bloemen-mozaiek.nl
Encryption: https://bloemen-mozaiek.nl/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJoeea2AAoJEHWPdojmBnPB2vgH/iTMzGZrmDwgkDJCbp9Nvkab
9iZaka/dTNLF4f/pDqKuE6Nrkd1wC0NsHTHWSK5thh/GeRos5ah+xUwBf7ZP9Thk
5i4jE9QQIyFjT838ExgyRM9sm+lffTz7aMEHPq83Jwk8tU7ybT2u+YXhNHo5Hjun
1k/h9a1mYs2VWT4F1q4ZODXPP/ipd12CNZnk1nue+rp0qufv+s9pROl9FgTmCvez
vCX5f0PdUdPEPCVKTuO66whFzorEZ3NWq8uPhLt6Q2jQqltREYo9Z0XsRZuKb0si
w9uNQZBV7I2cqsZ0CnKktSXP5inzmLPFg+k00Wbz+Gul1cSIf3T2fK0IFYmNSBA=
=+fMf
-----END PGP SIGNATURE-----