A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Please validate if you have the right security.txt file before using the information below.
# Most of our other websites will redirect to this central file, but some may have a similar file locally on the webserver.
# They should  all have the same content.
Canonical: https://kibitzer.nl/.well-known/security.txt
Canonical: https://www.kibitzer.nl/.well-known/security.txt
Canonical: https://pshzandgat.kibitzer.nl/.well-known/security.txt
 
# You shouldn't trust this file, once it has expired (like bad milk).
# We are sometimes a bit forgetful, but we do have an annual re-occuring task to keep this file up-to-date.
Expires: 2024-12-31T00:00:00z
 
# If you would like to report a security issue please first read our responsible disclosure (RD)/coordinated vulnerability disclosure(CVD) policy:
Policy: https://www.sidn.nl/en/cybersecurity/reporting-a-security-breach
Policy: https://www.sidn.nl/cybersecurity/beveiligingslek-melden
  
# Please always try to contact us through our online form to speed up things.
# Should that not be an option, then in order of preference the ways to contact us:
Contact: mailto:webmaster.kibitzer@gmail.com
 
# You can find the csirt@sidn.nl PGP key in our DNS zone.
# Example: dig [openpgpkey-below] openpgpkey +multi +dnssec +noadditional
Encryption: dns:c726929cd6784c1e8e0266755a0e6769b99c4019b748db550170bdc0._openpgpkey.sidn.nl.
 
# Our S/MIME public key of the CSIRT mailbox should this be an emergency.
Encryption: https://www.sidn.nl/.well-known/csirt_sidn_nl.crt
 
# We can offer you a proper response in the following languages:
Preferred-Languages: nl, en
 
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEk1JJjh4kZj3HpUqXgcG5mRAXKEYFAmVnS94ACgkQgcG5mRAX
KEaW5Q//TVhSPKvKGcxzJnaGEjEsrNM7q/iHR9nxFSqezJhZHmhpQoXY+KaQHd2Y
ak3f19hrxBb3nvca4FOgLZhOjk25DJfqubmHF3oSFE8c6MGBEmUe5fCQt1ptxmFj
TnUYxF91SYa7autBwt1wnSNwq1V9n4wZ9pCN0hU0GPvmr+oRjJjYwFYnCN1Jwnie
7k7wzmV4nUWDvCZWsXghZC0QnZILtrKO2sDEZvL3oSghHQnSmLMht7W7FLXtOcLf
VA3hENf7g3wMM0asRwVdtzocyzvXiQrumbmAWiQylEVsdqr3gmlXtFs21ijnqtWz
WtIe/ZBWxQNhByc/owClWSIoGJghB09cHh5/O0m9WmcZrS63ErvvjVtxjW8p69p2
ykZYfd3AhDKk79ezO2CRqztbLWNeMV6ZxwALmdj0/QRnBU05cxmpJy3jpvyzmanW
CwyfcO4p4Xhv9HH5EDv//fU/+4tOJH+q4Cq79pOH5m6ZID407ijBjIz0mme7Yoz9
AbzmxQziZeSmMOIxDYpFwuW885BDaRg4LnwjjBYbufWWj2uB1/cMEa8dg0ld5xNr
3w+QWSTlphfp9F6j4FsPqrgNHT2XmoRJ6uMpFzE9DkqXxQtnXVZ/OHLSeUePz/UJ
uZzFAuQOiHdC3NdcgqqnkMHe89R6C2qr1ST1m1JLKfEIMt6zML8=
=cdBh
-----END PGP SIGNATURE-----