Security point of contact

Seb seb at
Thu Jun 28 12:35:08 UTC 2018

On Sunday, 10 June 2018 at 00:59:11 UTC, Cym13 wrote:
> On Sunday, 10 June 2018 at 00:31:55 UTC, Vladimir Panteleev 
> wrote:
>> [...]
> This is the thing exactly, first of all the idea that the main 
> developer of the part of the project impacted should be the one 
> receiving the report is sound but far from obvious. In many 
> countries there is a (stupid) legal risk associated with 
> vulnerability disclosure, so as a researcher you'd rather be 
> sure that you're talking to the right person.
> [...]

Another step at setting such a security point of contact up:

Input is welcome.

More information about the Digitalmars-d mailing list