1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-28 18:38:39 +00:00

add SECURITY.md

This commit is contained in:
Pavol Rusnak 2019-06-06 19:50:57 +02:00
parent 677562d571
commit 53a4116685
No known key found for this signature in database
GPG Key ID: 91F3B339B9A02A3D

16
SECURITY.md Normal file
View File

@ -0,0 +1,16 @@
# Security Policy
## Reporting a Vulnerability
To report security issues send an email to security@satoshilabs.com (this is not a support email!).
The following keys may be used to communicate sensitive information to developers:
| Name | Fingerprint |
|------|-------------|
| Marek Palatinus | 86E6792FC27BFD478860C11091F3B339B9A02A3D |
| Pavol Rusnak | 71B5A80A63FE12B0D74DABBFE4A883364AAF6E16 |
You can import a key by running the following command with that individuals fingerprint: `gpg --recv-keys <fingerprint>`.
More info about our Responsible Disclosure program is available from https://trezor.io/security/