torproject.org
A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # Canonical URI Canonical: https://torproject.org/.well-known/security.txt # Our security address Contact: mailto:security@torproject.org # Our OpenPGP key Encryption: openpgp4fpr:835B4E04F6F7421104C4751A3EF9EF996604DE41 # Our security acknowledgements Acknowledgments: https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE # For tor (the network daemon) see Policy: https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/SecurityPolicy # Expires is required, formatted according to [ISO.8601-1] and [ISO.8601-2] Expires: 2025-04-15T18:00:00z -----BEGIN PGP SIGNATURE----- iQITBAEBCgB9FiEEg1tOBPb3QhEExHUaPvnvmWYE3kEFAmX0i/tfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDgz NUI0RTA0RjZGNzQyMTEwNEM0NzUxQTNFRjlFRjk5NjYwNERFNDEACgkQPvnvmWYE 3kEiWAv/TnaFhbwXFgP1HvoWN9YUZwZU5VsTa4uNodnmC36ivZsuzlp3riLRfCNk VFormtVxKU8SjVqpq3YHi1e2NgC6qLBZ1eWGi5lqJORJbOxB6tSlEOLmtm3GBkjO jqSlpQmEkSmEYcl5M4t59fIu7z/HmMiOt5g84upvAU1YQcsneHPXHSAoJIeOqW+u hJdziR4etzxPy6lOlbV3FfW5sYuVE+NA9Sktl0G3tWeQB79vOymCEp5Xb7cE/r1q qxyu5geibryRpQR/ZOChWY1JaFiUzx7vMU96HOexLmz99m4gdWhjsR4Xps/22zVt LjHANn6gAjOrJcnQGVIyPV/vJhO6zzN8ZMIEXtNvH/t6hT/J64E0YDzCEWk85FkO SdrMtFn9HG7wGU+iyQYoageBEV53TlGXlh8r3i1kHGuXCwbEQ+S+WYzQbYkkKFdY JtAC3kGaxwCPHijShWL/Wm5tEGksmDIaHQTXHgP+2h6ZC+aBAdNYPnLs0oEOZqnm Gek/ZUSO =X+Pz -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2023-10-01 is sorted as securitytxt.
FireBounty © 2015-2024
