Skip to content

Commit

Permalink
Merge pull request #28 from eu-digital-identity-wallet/mgiakkou-patch-1
Browse files Browse the repository at this point in the history 
Update PGP Key link
  • Loading branch information
@dtsiflit
dtsiflit authored Jul 8, 2024
2 parents 8f270a8 + a4eb493 commit edb8b4f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ At the European Commission, we treat the security of our Communication and Infor
## If you have identified a vulnerability, please do the following

- E-mail your findings to <[email protected]>, specifying whether or not you agree to your name or pseudonym being made publicly available as the discoverer of the problem.
- Encrypt your findings using our [PGP key](https://pgp.mit.edu/pks/lookup?op=get&search=0x6773AACDF09F6628) to prevent this critical information from falling into the wrong hands.
- Encrypt your findings using our [PGP key](https://ec.europa.eu/assets/digit/pgpkey/ec-vulnerability-disclosure-pgp.txt) to prevent this critical information from falling into the wrong hands.
- Provide us with sufficient information to reproduce the problem so that we can resolve it as quickly as possible. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation in terms of technical information or potential proof-of-concept code.
- Provide your report in English, preferably, or in any other official language of the European Union.
- Inform us if you agree to make your name/pseudonym publicly available as the discoverer of the vulnerability.
Expand Down Expand Up @@ -39,4 +39,4 @@ At the European Commission, we treat the security of our Communication and Infor
- We will handle your report with strict confidentiality.
- Where possible, we will inform you when the vulnerability has been remedied.
- We will process the personal data that you provide (such as your e-mail address and name) in accordance with the applicable data protection legislation and will not pass on your personal details to third parties without your permission.
- In the public information concerning the problem reported, we will publish your name as the discoverer of the problem if you have agreed to this in your initial e-mail
- In the public information concerning the problem reported, we will publish your name as the discoverer of the problem if you have agreed to this in your initial e-mail

0 comments on commit edb8b4f

Please sign in to comment.