Skip to content

Add security contact according to RFC 9116#734

Open
JanZerebecki wants to merge 1 commit intocockpit-project:mainfrom
JanZerebecki:securitytxt
Open

Add security contact according to RFC 9116#734
JanZerebecki wants to merge 1 commit intocockpit-project:mainfrom
JanZerebecki:securitytxt

Conversation

@JanZerebecki
Copy link
Contributor

@JanZerebecki JanZerebecki commented May 28, 2024

@martinpitt
Copy link
Member

martinpitt commented May 29, 2024

I copied this commit to my fork, and https://martinpitt.github.io/cockpit-project.github.io/.well-known/security.txt exists now. What kind of tools make use of that?

This is blocked until SECURITY.md actually exists. (I'd also like to move/rename that, but let's discuss that in the Cockpit PR).

@JanZerebecki
Copy link
Contributor Author

JanZerebecki commented May 29, 2024

It is primarily used by humans.

@martinpitt martinpitt mentioned this pull request Jun 24, 2024
Closed
@Venefilyn
Copy link
Member

Venefilyn commented Jan 7, 2026
edited
Loading

I see that Red Hat has it

https://www.redhat.com/.well-known/security.txt redirects to
https://security.access.redhat.com/data/meta/v1/security.txt

We now have SECURITY.md within cockpit-project/.github so that is no longer a blocker. IMO we should fetch that during deployment and put it in https://cockpit-project.org/.well-known/security.txt

@Venefilyn Venefilyn removed the blocked label Jan 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JanZerebecki @martinpitt @Venefilyn