A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@ffflorian.de
Expires: 2024-04-11T19:46:00.000Z
Encryption: https://keyoxide.org/5B9DCD6E60D3813E82753335BDAD14B04B98BD1A
Preferred-Languages: de, en
Canonical: https://ffflorian.dev/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQJKBAEBCgA0FiEEW53NbmDTgT6CdTM1va0UsEuYvRoFAmQ1udgWHG1haWxAZmxv
cmlhbmltZGFobC5kZQAKCRC9rRSwS5i9GlcGEACJveLPHMDFrDjv4IwNXQQ/4ow7
w5Gb0Zk3mRR9zlz2YWuOgrkIRV4xLpDU6Jr1UYw/ubX/d9LSTCbnfa+0Pz1J+BUY
Wwe+PBmWbmV4XtnyU4bjEoiTeRhgKilvhyc1sjPvgELrUXsjXIGMOW03awJ5LgFq
LaDM6jYKJzZv5wR8RdVhOvJR5tB/Vofy1d6xWUEak9d7c21bFzvhV4NtKFVANbS2
a49LMzR1Ldp0Jie8/eQYZsa0ORBRlXM8qscGGeZtjLVe2qJ6frYVsaW8CwluODaP
mZH79QvWAj6HTfvAxzeYD3A/AEuCrAYG5dy2dJdAkWzLIBa7EKb4qR7QlFH/lR3X
atLL/9yoL6BFp96Smva77tzGhZeZ8SPtoDdJxd2g6aAim1yCLaGJOq3nQHc9s1kK
Sx6CdTDEuNKcFcCkxodB4j3DR/tDW+OtgEEJdRp0E71xwb693Um8KOzOH1PPRGhO
A6FNRu0nKAlIY8S443Y0M4c7Jkbb5GgFvvQrc3o0rI8Pgv5y8hKRLLpRs9wSkfO/
LxNrKXpCBehLpDOXuJBc3X+k32bQM4ViA0+xIovcuK3jlG7yrFdu/EoqHvdHJY3+
5s2XIwHaQI1Sry3kmbJMsIsChrIGyyaj06u3/kZnPMKqWBjOjA9l8d8Y7njBvVP1
Ydk4KfUvDwn79oS3LQ==
=0o6N
-----END PGP SIGNATURE-----