{"draft":"draft-foudil-securitytxt-12","doc_id":"RFC9116","title":"A File Format to Aid in Security Vulnerability Disclosure","authors":["E. Foudil","Y. Shafranovich"],"format":["HTML","TEXT","PDF","XML"],"page_count":"21","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"IETF - NON WORKING GROUP","abstract":"When security vulnerabilities are discovered by researchers, proper\r\nreporting channels are often lacking. As a result, vulnerabilities\r\nmay be left unreported. This document defines a machine-parsable\r\nformat (\"security.txt\") to help organizations describe their\r\nvulnerability disclosure practices to make it easier for researchers\r\nto report vulnerabilities.","pub_date":"April 2022","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9116","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc9116"}