IETF Logo Mail Archive

[rfc-dist] RFC 9116 on A File Format to Aid in Security Vulnerability Disclosure

rfc-editor@rfc-editor.org Wed, 27 April 2022 19:34 UTC

Return-Path: <rfc-dist-bounces@rfc-editor.org>
X-Original-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Delivered-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 58E53C1B1626; Wed, 27 Apr 2022 12:34:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1651088061; bh=uN959XpIILe8Te6RPDerN6UNTe6TifT9Jh3SGGI6GGg=; h=To:From:Cc:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=qigqlXhe7j+mVy5V1lp5kKFUlkPLN8nkVpnZYmkM7aDQ18VgNs8lRPBVfQB3UU930 z/ll6So8rsZWFMfUeu2Rm6zbrb8Pc3nsZyMNexKir9ZJMZFLHZZqy8X3I3QnalvJfr ffd2wtIukaWOCg6oA4g0bwVQbz+HXFafzSdVlFKU=
X-Mailbox-Line: From rfc-dist-bounces@rfc-editor.org Wed Apr 27 12:34:21 2022
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 38771C18576C; Wed, 27 Apr 2022 12:34:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1651088060; bh=uN959XpIILe8Te6RPDerN6UNTe6TifT9Jh3SGGI6GGg=; h=To:From:Cc:Date:Subject:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe; b=gPiqNHEaR0FneMYrQR23oU8bLzdcZIHEOI/xEd0VLwdtjdflWx8DoEpXC/3KLiXBW ybVoodOvNDcERxnn1dWtBfHiCjFp2r6AeSs2kDB+eTKigFLb3R6ASqqioEMuaklTg0 2z5sri6wz/5naqvXfdciqjm0pHY/OjN8q338poHM=
X-Original-To: rfc-dist@ietfa.amsl.com
Delivered-To: rfc-dist@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7271CC1594BC; Wed, 27 Apr 2022 12:34:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Level:
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.248, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6nKiaCgqZvIq; Wed, 27 Apr 2022 12:34:11 -0700 (PDT)
Received: from rfcpa.amsl.com (rfc-editor.org [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4FFDEC159527; Wed, 27 Apr 2022 12:34:11 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 2FFF410D60; Wed, 27 Apr 2022 12:34:11 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org
Message-Id: <20220427193411.2FFF410D60@rfcpa.amsl.com>
Date: Wed, 27 Apr 2022 12:34:11 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/rfc-dist/BWRaAEMYVOHbgIqNQVWq3jBENd0>
Subject: [rfc-dist] RFC 9116 on A File Format to Aid in Security Vulnerability Disclosure
X-BeenThere: rfc-dist@rfc-editor.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: RFC Announcements <rfc-dist.rfc-editor.org>
List-Unsubscribe: <https://mailman.rfc-editor.org/mailman/options/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rfc-dist/>
List-Post: <mailto:rfc-dist@rfc-editor.org>
List-Help: <mailto:rfc-dist-request@rfc-editor.org?subject=help>
List-Subscribe: <https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: rfc-dist-bounces@rfc-editor.org
Sender: rfc-dist <rfc-dist-bounces@rfc-editor.org>

A new Request for Comments is now available in online RFC libraries.

        
        RFC 9116

        Title:      A File Format to Aid 
                    in Security Vulnerability Disclosure 
        Author:     E. Foudil,
                    Y. Shafranovich
        Status:     Informational
        Stream:     IETF
        Date:       April 2022
        Mailbox:    contact@edoverflow.com,
                    yakov+ietf@nightwatchcybersecurity.com
        Pages:      21
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-foudil-securitytxt-12.txt

        URL:        https://www.rfc-editor.org/info/rfc9116

        DOI:        10.17487/RFC9116

When security vulnerabilities are discovered by researchers, proper
reporting channels are often lacking. As a result, vulnerabilities
may be left unreported. This document defines a machine-parsable
format ("security.txt") to help organizations describe their
vulnerability disclosure practices to make it easier for researchers
to report vulnerabilities.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
rfc-dist mailing list
rfc-dist@rfc-editor.org
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
http://www.rfc-editor.org

v2.23.0 | Report a Bug | By Email