rust-tuf

Create a security policy

Open trishankatdatadog opened this issue 3 years ago • 3 comments

Description of issue or feature request:

Similar to go-tuf, we should create a security policy so that researchers can properly disclose security issues.

trishankatdatadog Sep 06 '22 15:09

Sure, good idea. However, it doesn't look like go-tuf has a security policy set up. Did you mean python-tuf?

erickt Sep 10 '22 17:09

> Sure, good idea. However, it doesn't look like go-tuf has a security policy set up. Did you mean python-tuf?

(Inspired by the lack of it in go-tuf)

trishankatdatadog Sep 10 '22 23:09

I'm not sure python-tuf has the best policy right now (depends on one person and PGP)

trishankatdatadog Sep 10 '22 23:09