From a4eb4934bfc26e313950be95c708fab83237e77c Mon Sep 17 00:00:00 2001 From: Michalis Giakkoupis <128035176+mgiakkou@users.noreply.github.com> Date: Wed, 3 Jul 2024 14:47:38 +0300 Subject: [PATCH] Update PGP Key link --- SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index c587c78..cc207ab 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -10,7 +10,7 @@ At the European Commission, we treat the security of our Communication and Infor ## If you have identified a vulnerability, please do the following - E-mail your findings to , specifying whether or not you agree to your name or pseudonym being made publicly available as the discoverer of the problem. -- Encrypt your findings using our [PGP key](https://pgp.mit.edu/pks/lookup?op=get&search=0x6773AACDF09F6628) to prevent this critical information from falling into the wrong hands. +- Encrypt your findings using our [PGP key](https://ec.europa.eu/assets/digit/pgpkey/ec-vulnerability-disclosure-pgp.txt) to prevent this critical information from falling into the wrong hands. - Provide us with sufficient information to reproduce the problem so that we can resolve it as quickly as possible. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation in terms of technical information or potential proof-of-concept code. - Provide your report in English, preferably, or in any other official language of the European Union. - Inform us if you agree to make your name/pseudonym publicly available as the discoverer of the vulnerability. @@ -39,4 +39,4 @@ At the European Commission, we treat the security of our Communication and Infor - We will handle your report with strict confidentiality. - Where possible, we will inform you when the vulnerability has been remedied. - We will process the personal data that you provide (such as your e-mail address and name) in accordance with the applicable data protection legislation and will not pass on your personal details to third parties without your permission. -- In the public information concerning the problem reported, we will publish your name as the discoverer of the problem if you have agreed to this in your initial e-mail \ No newline at end of file +- In the public information concerning the problem reported, we will publish your name as the discoverer of the problem if you have agreed to this in your initial e-mail