A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:webmestre@Clauzel.eu
Contact: mailto:Damien@Clauzel.eu
Expires: 2030-12-31T22:59:00.000Z
Encryption: https://damien.clauzel.eu/public/Cles_publiques/GnuPG/Damien_Clauzel.eu_publique.asc
Preferred-Languages: fr, en, de, la
Canonical: https://Clauzel.eu/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEMiuJ8fpRMhFA87NYXojAHrr9GZgFAmXzCwYACgkQXojAHrr9
GZiJmw/9FcAZK13ykvnQaINJVrtjU3TMqq1cqs6w3lj1etvU4pyW+XSkB9CMWw2P
9MNWd4gJOXmo0qz5+/zDa3EDaDVVwyRbqTZ50DSEBg1eEECLAEhXjzRFVOUa0048
XyStvhIqoY7LEaUXJLtwPqFJSrCms4UtE5pf5jHhhZrFqIUGyYTbNe3FWpUQOB0x
QV970NQ2Vz0l52Hr+Bjk88y3FCRSivTMs6kVLujQ9y0MesYO5bosFh7tA4CPpqTS
8r4ymq02fATdhfsVWrcnLWtnfas5x4NdbB0mBIsWyB1gtqGKHicfM41oZDUbxBv+
prS/dBRftLuBe0RS3YoG7099gWZujFU7WWJIZA3xwuL474Btvc6WWW5iFYw2VDOl
10Ds6rXdWExEWtsS9H+HeFKoTXeMPaqMkvcJLtlb1eJ8jtjKjaixFGj3t1GJxTxR
2szZfJZAREnX6m123ZkfQVdE7tioD3GWuXUu5R/AQijDEPRroXIf8fuYEfyz0mO0
FLD63OFvRh3cAHLto2deeC+ZJiByRgZKGHNrVztOm9Kuf1RU8PW3xMYCoDpTFzdP
IztZ3CCit2yS794o+2Q7A+GYYBNSWY1YIF1s0orF4j0bt/heAddOmUtR9ENgOHDf
WFX10FO+h3xGRsPWglAcIQUs+4J3/Ph1h7LSSZBioRlR6cwXfyE=
=tNxF
-----END PGP SIGNATURE-----