===== COLIN COGLE'S BLOG =====

"A File Format to Aid in Security Vulnerability Disclosure"
by Colin Cogle

This article was first published in "2600: The Hacker Quarterly", volume 38:2. Please support the official release!
Updated and re-published online May 19, 2022.

ABSTRACT:
When security vulnerabilities are discovered by researchers, proper reporting channels are often lacking. As a result, vulnerabilities may be left unreported. Fortunately, there is a machine-parsable format ("security.txt") to help organizations describe their vulnerability disclosure practices to make it easier for researchers to report vulnerabilities.

READ THE ARTICLE:
(TXT) Read the article (plain text).
(HTM) Read the article (on the web).
(HTM) Buy a printed copy of the magazine.
(HTM) Buy a DRM-free PDF copy of the magazine.

SUPPLEMENTARY MATERIALS:
(TXT) RFC 9116 - "A File Format to Aid in Security Vulnerability Disclosure"
(HTM) "security.txt" official web site

CITE THIS ARTICLE:
Cogle, Colin. "A File Format to Aid in Security Vulnerability Disclosure." 2600: The Hacker Quarterly, vol. 38:2 (Summer 2021), June 2021, pp. 57-58, colincogle.name/blog/security-txt/.