| rfc9116v5.txt | rfc9116.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) E. Foudil | Internet Engineering Task Force (IETF) E. Foudil | |||
| Request for Comments: 9116 | Request for Comments: 9116 | |||
| Category: Informational Y. Shafranovich | Category: Informational Y. Shafranovich | |||
| ISSN: 2070-1721 Nightwatch Cybersecurity | ISSN: 2070-1721 Nightwatch Cybersecurity | |||
| August 2021 | April 2022 | |||
| A File Format to Aid in Security Vulnerability Disclosure | A File Format to Aid in Security Vulnerability Disclosure | |||
| Abstract | Abstract | |||
| When security vulnerabilities are discovered by researchers, proper | When security vulnerabilities are discovered by researchers, proper | |||
| reporting channels are often lacking. As a result, vulnerabilities | reporting channels are often lacking. As a result, vulnerabilities | |||
| may be left unreported. This document defines a machine-parsable | may be left unreported. This document defines a machine-parsable | |||
| format ("security.txt") to help organizations describe their | format ("security.txt") to help organizations describe their | |||
| vulnerability disclosure practices to make it easier for researchers | vulnerability disclosure practices to make it easier for researchers | |||
| skipping to change at line 37 ¶ | skipping to change at line 37 ¶ | |||
| Internet Engineering Steering Group (IESG). Not all documents | Internet Engineering Steering Group (IESG). Not all documents | |||
| approved by the IESG are candidates for any level of Internet | approved by the IESG are candidates for any level of Internet | |||
| Standard; see Section 2 of RFC 7841. | Standard; see Section 2 of RFC 7841. | |||
| Information about the current status of this document, any errata, | Information about the current status of this document, any errata, | |||
| and how to provide feedback on it may be obtained at | and how to provide feedback on it may be obtained at | |||
| https://www.rfc-editor.org/info/rfc9116. | https://www.rfc-editor.org/info/rfc9116. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Revised BSD License text as described in Section 4.e of the | include Revised BSD License text as described in Section 4.e of the | |||
| Trust Legal Provisions and are provided without warranty as described | Trust Legal Provisions and are provided without warranty as described | |||
| End of changes. 2 change blocks. | ||||
| 2 lines changed or deleted | 2 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||