vincenzopalazzo
/
rgb-cln
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
rgb-cln/SECURITY.md

25 lines
969 B
Markdown
Raw Normal View History

SECURITY.md: Tell them to spam me, and include our GPG fingerprints. Added Alex since he's Release Captain this time. Changelog-Added: SECURITY.md: Where to send sensitive bug reports, and dev GPG fingerprints. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2023-02-06 02:46:49 +00:00
# Security Policy
## Supported Versions
We have a 3 month release cycle, and the last two versions are supported.
## Reporting a Vulnerability
To report security issues send an email to rusty@rustcorp.com.au, or
security@bockstream.com (not for support).
## Signatures For Releases
The following keys may be used to communicate sensitive information to
developers, and to validate signatures on releases:
| Name | Fingerprint |
|------|-------------|
| Rusty Russell | 15EE 8D6C AB0E 7F0C F999 BFCB D920 0E6C D1AD B8F1 |
| Christian Decker | B731 AAC5 21B0 1385 9313 F674 A26D 6D9F E088 ED58 |
| Lisa Neigut | 30DE 693A E0DE 9E37 B3E7 EB6B BFF0 F678 10C1 EED1 |
| Alex Myers | 0437 4E42 789B BBA9 462E 4767 F3BF 63F2 7474 36AB |
You can import a key by running the following command with that individuals fingerprint: `gpg --keyserver hkps://keys.openpgp.org --recv-keys "<fingerprint>"` Ensure that you put quotes around fingerprints containing spaces.