A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Please validate if you have the right security.txt file before using the information below.
# Most of our other websites will redirect to this central file,
#  but some may have a similar file locally on the webserver.
# They should all have the same content.
Canonical: https://www.sidn.nl/.well-known/security.txt
Canonical: https://www.sidnfonds.nl/.well-known/security.txt
Canonical: https://www.sidnlabs.nl/.well-known/security.txt
Canonical: https://registrars.sidn.nl/.well-known/security.txt
 
# Our security.txt file will be annually updated.
Expires: 2024-12-31T00:00:00z
 
# If you would like to report a security issue please first read our
#  responsible disclosure (RD) / coordinated vulnerability disclosure(CVD) policy:
Policy: https://www.sidn.nl/en/cybersecurity/reporting-a-security-breach
Policy: https://www.sidn.nl/cybersecurity/beveiligingslek-melden
  
# Please always try to contact us through our online form to speed up things.
Contact: https://www.sidn.nl/en/cybersecurity/reporting-a-security-breach
Contact: https://www.sidn.nl/cybersecurity/beveiligingslek-melden

# PGP public key of csirt[at]sidn.nl to verify the signature of security.txt
# Example: dig [openpgpkey-below] openpgpkey +multi +dnssec +noadditional
Encryption: dns:c726929cd6784c1e8e0266755a0e6769b99c4019b748db550170bdc0._openpgpkey.sidn.nl.
 
# We can offer you a proper response in the following languages:
Preferred-Languages: nl, en
 
# If you think you'd like to join our team, please visit our job vacancy page:
Hiring: https://www.sidn.nl/en/work-at-sidn
Hiring: https://www.sidn.nl/werken-bij-sidn
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEB3VvF3RQ5I4ATsNj98VToa/5vNAFAmX6u9gACgkQ98VToa/5
vNACEg//YDmovDXHRjVWWxg4Zvt8xQF+3W/Yz9KSbVdIN+KTKmARU2nNbuXChADy
nD6+jZSY5B4ebNZYl/8jpR/mr/rO6H0Puo7qHa99A5JxXa/2N6Z5eFFs6wiSyl5O
eNWztYsYn4Pke+/vrnWCSZZJT6T0dSVwNYF0/C20MbasaZfZncyBtsCxJhNSrKNn
mDiydT3xYOodLZFEjwWw8sVKRzwzBNCSPwqdaCgkHyC9gxbmlBYKa+GVDOU0V+WO
EVJ9lsI9CTXThrBCy8fPYm73DsNDrAhQtE0Smh8Daqdg8M44JL5iIDEdaSjzElp0
FVnPaF33aWfQ2oOhuhTj4twX2Yc3ajU14bDgBk9rHKY1YmcPCAlxVOJUPSARScM3
99j532fH7j0wbAYez78ldQP5lB8bnA/2fyLm0/MSQgFrPxjSBamsL9bUcSH+GDaG
OUfOCvnelu1wO+U5oWqxkpwmMZUo6c4q5zUty43YFxsQ/lBkHZezMD81uWdkJgaP
JUwNI0AXS+dsMIb0gJRlJwIQDdHrr4KyZCMY2i/6pGdBANxswN2lm9Tl+CVkdOUr
YVmi7sx/UCO4yTK8LEWY2rcrtV6NEVVXebGm9YHk/lX4JThOTQQX1vvMfZy2ki83
3ZlWcUX5IB4mrEj4UEcj/KXmKXWkTrhJ3ehJw6hY2sajK7oybso=
=RjTX
-----END PGP SIGNATURE-----