Skip to content

Add security contact according to RFC 9116#734

Open
JanZerebecki wants to merge 1 commit into
cockpit-project:mainfrom
JanZerebecki:securitytxt
Open

Add security contact according to RFC 9116#734
JanZerebecki wants to merge 1 commit into
cockpit-project:mainfrom
JanZerebecki:securitytxt

Conversation

@JanZerebecki

@JanZerebecki JanZerebecki commented May 28, 2024

Copy link
Copy Markdown
Contributor

@martinpitt

martinpitt commented May 29, 2024

Copy link
Copy Markdown
Member

I copied this commit to my fork, and https://martinpitt.github.io/cockpit-project.github.io/.well-known/security.txt exists now. What kind of tools make use of that?

This is blocked until SECURITY.md actually exists. (I'd also like to move/rename that, but let's discuss that in the Cockpit PR).

@JanZerebecki

JanZerebecki commented May 29, 2024

Copy link
Copy Markdown
Contributor Author

It is primarily used by humans.

@martinpitt martinpitt mentioned this pull request Jun 24, 2024
Closed
@Venefilyn

Venefilyn commented Jan 7, 2026
edited
Loading

Copy link
Copy Markdown
Member

I see that Red Hat has it

https://www.redhat.com/.well-known/security.txt redirects to
https://security.access.redhat.com/data/meta/v1/security.txt

We now have SECURITY.md within cockpit-project/.github so that is no longer a blocker. IMO we should fetch that during deployment and put it in https://cockpit-project.org/.well-known/security.txt

@Venefilyn Venefilyn removed the blocked label Jan 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JanZerebecki @martinpitt @Venefilyn