RFC 9116 on A File Format to Aid in Security Vulnerability Disclosure
rfc-editor@rfc-editor.org Wed, 27 April 2022 19:34 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E194FC159529 for <ietf-announce@ietfa.amsl.com>; Wed, 27 Apr 2022 12:34:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Level:
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.248, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L2AowQpGNGuA for <ietf-announce@ietfa.amsl.com>; Wed, 27 Apr 2022 12:34:11 -0700 (PDT)
Received: from rfcpa.amsl.com (rfc-editor.org [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DF71C1594BC for <ietf-announce@ietf.org>; Wed, 27 Apr 2022 12:34:11 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 2FFF410D60; Wed, 27 Apr 2022 12:34:11 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 9116 on A File Format to Aid in Security Vulnerability Disclosure
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20220427193411.2FFF410D60@rfcpa.amsl.com>
Date: Wed, 27 Apr 2022 12:34:11 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/KTzt_GtqqaVhn7Uup4hflz-ZhfA>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Apr 2022 19:34:15 -0000
A new Request for Comments is now available in online RFC libraries. RFC 9116 Title: A File Format to Aid in Security Vulnerability Disclosure Author: E. Foudil, Y. Shafranovich Status: Informational Stream: IETF Date: April 2022 Mailbox: contact@edoverflow.com, yakov+ietf@nightwatchcybersecurity.com Pages: 21 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-foudil-securitytxt-12.txt URL: https://www.rfc-editor.org/info/rfc9116 DOI: 10.17487/RFC9116 When security vulnerabilities are discovered by researchers, proper reporting channels are often lacking. As a result, vulnerabilities may be left unreported. This document defines a machine-parsable format ("security.txt") to help organizations describe their vulnerability disclosure practices to make it easier for researchers to report vulnerabilities. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce and rfc-dist lists. To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC