A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: http://16-02-1995.nl/.well-known/security.txt
Canonical: http://www.16-02-1995.nl/.well-known/security.txt
Canonical: http://service.intakt.com/securitytxt/generate.php?domain=16-02-1995.nl
Expires: 2027-01-02T03:39:36+00:00

# Please always try to contact us through our online form to speed up things.
Contact: https://www.intakt.com/security-en?lang=1
Contact: https://www.intakt.com/security
Contact: mailto:security@intakt.com

# This is the PGP public key that we use to sign our security.txt.
# Do *not* use it to send encrypted mails to us.
Encryption: dns:2591d67d64ef2e80cde67d27b6510e61eca0b5b7f220a30cbaf0bcf0._openpgpkey.sidnlabs.nl.

# We can offer a proper response in the following languages:
Preferred-Languages: nl, en

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEl73LEf7N19fldBYWtZuTMaWA1wUFAmlXPfgACgkQtZuTMaWA
1wU/Mg/9FMcE92ILY6maQ66ktOGqBRQ0zHc4dpGzVeeRdYJ6RLyqlWAuY5mlNxVj
g2xSd4snypF3ggtwy5lRlNGHZYfNkdTG7laQslMdwa6MIA5Q3jd5QxF76EYckX42
NEi0x6O6xQ7n+uIJ/J3jf5xo5szx0xinu++gQTeBRhJyXk/XbymVw/iXWH1yfo59
/0WMsrFWD/++k0napeYRFm/NyAvbDWcxEhvmyIgL7/RyyvX+q/oeTJ/IBGaARY0t
aUzvG/Zk8Rx0lnyjFOEpdHnPgtgu5BBu1IY5aARloDs9SnBt0aXnDJMWyAei/WcY
ExP0f4kqoIuipRBvGcQJ8oTCEdcrHrPUFSen+leZN2OPg0/RDZr0fydOV0RzxbEH
41n7oUkCOtBlZUuSm3fHObLJeKzbQ4sMiSG/dkspg2EG6KTmH3qxi8DuT1D/so3+
Nx8sCH3IyQlyh/o0j2qOZrD1gNbKT9lxcxQiCXecA3civknVm3Jxotc6ZcWhRmbA
Gj3TYKnyCcBbnUCBUxQB2NL+TaiXA6H5gSxBCoQLbsGHF1wJbR9nuWNG/wYXND+Q
A4oWMVW58dGqWoPqlQBIHJxPb0gqcI/EN7mk/U/zioawJFTxrIHy1gBsJxySrjvC
GnkSAkywgSqG0oz0EAx72AyT7J0FgW7aeM+VFFtAEDwn5EQOhmk=
=Pomm
-----END PGP SIGNATURE-----