JasonKeirstead
commented
1 week ago FYI I am not sure if this is something board process really needs to take up, or if it is just a bug we can ask to get fixed...
Open JasonKeirstead opened 1 week ago
JasonKeirstead
commented
1 week ago FYI I am not sure if this is something board process really needs to take up, or if it is just a bug we can ask to get fixed...
https://www.oasis-open.org/security.txt returns a 404.
Security.txt is an accepted standard on how to share information on your adopted vulnerability disclosure process.
https://en.wikipedia.org/wiki/Security.txt
While we adopted such a process, it is buried in a location that no security researcher will find. We need to add security.txt