Add security policy with PGP keys

author Matt Corallo <git@bluematt.me>

Sat, 2 Jul 2022 15:29:50 +0000 (15:29 +0000)

committer Matt Corallo <git@bluematt.me>

Tue, 5 Jul 2022 14:25:51 +0000 (14:25 +0000)
author Matt Corallo <git@bluematt.me>
Sat, 2 Jul 2022 15:29:50 +0000 (15:29 +0000)
committer Matt Corallo <git@bluematt.me>
Tue, 5 Jul 2022 14:25:51 +0000 (14:25 +0000)
diff --git a/SECURITY.md b/SECURITY.md

new file mode 100644 (file)

index 0000000..d4b33ec
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,20 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security vulnerabilities, including denial-of-service
+vulnerabilities such as spurious panics, via email to
+security@lightningdevkit.org.
+
+If possible, please PGP-encrypt such emails to the following keys (available on
+keyservers and WKD via `gpg --auto-key-locate wkd  --locate-external-keys
+ldk-security-1@mattcorallo.com ldk-security-2@mattcorallo.com`). Please include
+your own public key as an attachment or inline for replies.
+
+ * 07DF3E57A548CCFB7530709189BBB8663E2E65CE (Matt Corallo)
+ * 5DBC576CCCF546CA72AB06CE912EF12EA67705F5 (Jeffrey Czyz)
+ * 729E9D9D92C75A5FBFEEE057B5DD717BEF7CA5B1 (Wilmer Paulino)
+ * BD6EED4D339EDBF7E7CE7F8836153082BDF676FD (Elias Rohrer)
+ * 6E0287D8849AE741E47CC586FD3E106A2CE099B4 (Valentine Wallace)
+ * 69CFEA635D0E6E6F13FD9D9136D932FCAC0305F0 (Arik Sosman)
+ * A5A6868D7AA91DD00AC1A67F817FFA028EF61C94 (Antoine Riard)
author	Matt Corallo <git@bluematt.me>
	Sat, 2 Jul 2022 15:29:50 +0000 (15:29 +0000)
committer	Matt Corallo <git@bluematt.me>
	Tue, 5 Jul 2022 14:25:51 +0000 (14:25 +0000)