A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# About this website: Anyone can easily create a homepage with https://bt-web.com/
# Date created: 2023-09-10T08:20:31+09:00
Contact: mailto:rfc9116_security_txt@bt-web.com
Expires: 2024-02-07T08:20:31+09:00
Encryption: https://bt-web.com/.well-known/pgp-key_h-c.cyou_20230910.txt
Encryption: https://btweb-demo.com/.well-known/pgp-key_h-c.cyou_20230910.txt
Encryption: https://btweb-demo2.jp/.well-known/pgp-key_h-c.cyou_20230910.txt
Preferred-Languages: ja, en, zh
Canonical: https://h-c.cyou/.well-known/security.txt
# coming soon...
#Policy: Policy: https://example.com/disclosure-policy.html
#Hiring: https://example.com/jobs.html
#Acknowledgments: https://example.com/hall-of-fame.html
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEOgzQOcM9vTvW+oduz9n44pnhGBIFAmT8/b8ACgkQz9n44pnh
GBKkqQ//QP1eQp835wLlHzhH2onrQoR+B9UbrvUlyL0Vph6sViGkEwQh9nxfDINy
KtGUHwaUmNURXBSVemkfkClpk5jTTL2GN6/7QIwdHQnzMIB5W1ZGnPIiaNHzFOBw
uarQSIDOfujFVx5i2TSIZlL7ZyUyzCKSRyeHySrviW2BDYOmX2qt+jA5KssaJbMH
T5RargMQyO7aO8BVla1FwHeqAXC7zzSDwsS1/AWmrsc2ayq1AoNmSU0R2KuRCok7
8WhVk27rSLlQs3IwzziUQi2czejNxMPlmBK6KFRpW2uAaNnkaWO7dcI2D5TVVBzl
04LYv6XumwBi1268mHGZ5F2t4cRJ+S/oT02iueauB/8Xwu/DcoDgr1TIDAT7GpjT
xZMyXDyVQCU0n5HOk0wj14DOYWjTffnGcftc52f6UiXL4iJYVNoXCMXUcKlZNJIC
DolO99fVqGqe8PWB8OFF9yrUFKXMzmNfJy2MOa21xSczHYeJ6CsnuXtNI8TWpFzo
eSBSen231hTn0jLSsrg8UDNjCibLKN+X8KZv6R/FDpVR9oIxKnMqxtaHE99acz11
b7ju7gM7EJQ1DsY84qzumE6db7kOLvmxHKfZPCcNYtdMQCkgu4QUUMGJY1HtaXKD
h3DlcZuW9y6dSXEEmj0U0t8UxP7sii1ltGM5JXEcJuX1Yx8h3OU=
=lL5T
-----END PGP SIGNATURE-----