A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Security.txt voor chiave.nl
# Conform RFC 9116

Contact: mailto:info@chiave.nl
Expires: 2026-03-18T06:16:24Z
Canonical: https://chiave.nl/.well-known/security.txt
Canonical: https://www.chiave.nl/.well-known/security.txt
Policy: https://chiave.nl
Encryption: https://chiave.nl/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEE9TU379CuZ7dWhUqRXnSfLbhg9fkFAmh55rgACgkQXnSfLbhg
9flSqwf+NSsyOK0vVz6uGYlAVdz+M6Ge76GnFiNWaJl9spmzVL1atJq5kzwPJc8z
ujVX+8n7Vfl959SlY9a65Gdqr/sHtxgnfnJbbYu/suc7PzBN2BoMabQRKj3G3jPq
VLeeFb5I2npfDkSquFqnNriC29WTx8p1O4DOqPm8zpdJzDZ0e8W+sstMMzIU9rT8
417mnC2O6mseplBaV5Va/cEjgCzxK/vB7tDUXT4YJhSXLkq3y35gd3ROLqf43uS/
fNQMQ3S8VgHSgacBeq/vGUuy7NIvS4+Te/rzVE6cPcdtFDOao+yq6h6aRryl6NZa
+Jij3aAFhh/pnG3OsJh/eZxsriFdDw==
=Zn5h
-----END PGP SIGNATURE-----