A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Our security address
Contact: mailto:security@ordoconnect.com
Contact: https://ordoconnect.com/security-contact

# Our OpenPGP key
Encryption: https://ordoconnect.com/pgp-key.txt

# Our security policy
Policy: https://ordoconnect.com/responsible-disclosure

# Our security acknowledgments page
Acknowledgments: https://ordoconnect.com/hall-of-fame

# Preferred languages
Preferred-Languages: fr, en

# Canonical URI
Canonical: https://ordoconnect.com/.well-known/security.txt

# Expiration date (1 year from now: 2026-10-31)
Expires: 2026-10-31T23:59:59.000Z

# Application information
# Application: OrdoConnect - Système de Gestion des Prescriptions Médicales
# Version: Laravel 12.x + Inertia.js + Vue 3
# Last Update: 2025-10-31