Closed rdower closed 3 months ago
I guess this means that Intel will give more attention to the OpenLLDP project? I hope this isn't just a blanket commit to satisfy a check-box item.
What does it mean for maintainers on this project who aren't members of Intel? Will we also be included on the security discussions?
This is a general requirement, not specific to openlldp.
It looks like this is the scorecard that is being worked on:
https://securityscorecards.dev/viewer/?uri=github.com%2Fintel%2Fopenlldp
With this PR attempting to check this box:
However, I don't know if this is really the proper way to check that box when a primary maintainer is from Red Hat and no one from our side has been able to spend many cycles helping to maintain this project. I try to monitor this somewhat, but it is currently outside my charter of work. Are we going to make sure Red Hat is included on these discussions?
@rdower Any more details? @penguin359 raised some questions.
I'm closing this. Please reopen when the maintenance and support questions have some answers. Thanks!
add required SECURITY.md file for OSSF Scorecard compliance