Comments (4)
k0nsl
commented on June 11, 2024
Should I add anything else which is essential or should I keep it lean like this?
Faithfully,
-k0nsl
from security-txt.
nightwatchcyber
commented on June 11, 2024
It looks ok but I would suggest looking at the parsers listed below and the generator on our website:
https://securitytxt.org/projects
https://securitytxt.org/
from security-txt.
MarcMogdanz
commented on June 11, 2024
The Contact field should contain the mailto: prefix if it's an e-mail address according to 3.5.3, e.g. Contact: mailto:[email protected].
And according to 3.5.5 the Expires field should be in the ISO-8601 format and not required, but recommended: the date should not be more than one year in the future.
Otherwise it looks good.
from security-txt.
k0nsl
commented on June 11, 2024
Thank you @nightwatchcyber and @MarcMogdanz; I have made the suggested changes to my security.txt file and it is now correctly formatted.
Faithfully,
-k0nsl
from security-txt.
Related Issues (20)
- Consider adding "Last Updated" field HOT 1
- Add differentiation between PSIRT and CERT contact HOT 2
- Add "CSAF" field to find OASIS CSAF documents HOT 10
- Defer file systems work to future date HOT 3
- Aligning ISO and CERT language with the draft
- Consider clarifying whether Encryption should point directly to the key HOT 1
- Example of a signed "security.txt" file Header is Missing Hyphen HOT 1
- detached signatures (allow multiple people to sign the security.txt)
- Support distinct policies: bug bounty and external vuln disclosure HOT 3
- Should the datetimes use an ISO8601 profile? HOT 2
- Add a link to the human and machine readable security advisories HOT 7
- Permitted values of Acknowledgments field? HOT 3
- Use /.well-known/humans.txt URI instead? HOT 1
- Scope field HOT 9
- Specify allowed encryption schemes HOT 15
- This project appears dead, should someone fork it? HOT 3
- SSH signatures as an alternative to OpenPGP ones HOT 3
- Clarification for Canonical field HOT 2
- @sirathampitak
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from security-txt.