A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# About this website: Anyone can easily create a homepage with https://bt-web.com/
# Date created: 2024-04-10T08:20:39+09:00
Contact: mailto:rfc9116_security_txt@bt-web.com
Expires: 2024-09-07T08:20:39+09:00
Encryption: https://bt-web.com/.well-known/pgp-key_btweb-demo.com_20240410.txt
Encryption: https://btweb-demo.com/.well-known/pgp-key_btweb-demo.com_20240410.txt
Encryption: https://btweb-demo2.jp/.well-known/pgp-key_btweb-demo.com_20240410.txt
Preferred-Languages: ja, en, zh
Canonical: https://btweb-demo.com/.well-known/security.txt
# coming soon...
#Policy: Policy: https://example.com/disclosure-policy.html
#Hiring: https://example.com/jobs.html
#Acknowledgments: https://example.com/hall-of-fame.html
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE226u+R0lE0Wxm5h3jRgYaNN9jmYFAmYVzUcACgkQjRgYaNN9
jmbRsQ//Y9CSeP0KvswLCfSVW0VnEI8s5P29LqU84CXnMET/WFV4vfxRy3hAGyyh
+w+6825Wo01XQsnkn8lS3z2T5nbo97LJZUDoa0Gf1zxKyis5uAFCBCTy5QhsB9NZ
r7N4H5DdjH4R5cqdplt8YdA6JE93KJPH7fT0vhRrkHrXa8nAqe0+BFuhBYJdaOES
8E3+TJ0N4nstif5y3ZvyJfWPeaWqULWr7E3YICAWKY+BkMcgLDMBCsP0eE8twFBS
fYWXHHSqywrJ4m+nc8Pno0hyz//osB5gxg2JSiAoZcM9wf/vNNPeZLNJQsEAxqV4
l77azwBIMoLLeqh5ibODjVb3pcE/jyZ/8GjBTtWlC/5LLz0HoQ8QxxdxKtgUnpTg
JtoippgbAvsRZEhqbnhhq5Als5NIHTxxDGc1OmS1vItY+elXyLYoQG8t/DDPtG6k
AlIX7GVGRWU/DcDq/CkJvvRqF80k5CbW+AbQTb6e8vuXq8m+mbMi1MtOG1SzVnH6
f1GhwKG5rnAbRGX6fsxbOpSVxxfOIxp+NDiDcGesNfGY+46dI0arFtiWz2AHD+S4
/1eJBY+cITuOpzuoNYAiRtlTpUGb6AvPGqlmdzU5suylt+eRegF4+KptXEPyDuqy
Euq5kTa7Tjklek3bi0wx3+zJ28Xj1QCGYmaO0gPGfC+MLJuZ3BI=
=v3eU
-----END PGP SIGNATURE-----