forked from tarcieri/reia
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
77b8b56
commit 87ba9f6
Showing
1 changed file
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| # Laser Language Security Policy | ||
|
|
||
| ## Commitment | ||
|
|
||
| I take the security of this project very seriously. | ||
|
|
||
| ## Supported Versions | ||
|
|
||
| Maintaining the security of this project is my top priority. Currently, support and attention to security concerns are provided for the following version: | ||
|
|
||
| | Version | Supported | | ||
| | ------- | ------------------ | | ||
| | Latest | :white_check_mark: | | ||
|
|
||
| ## Reporting a Vulnerability | ||
|
|
||
| If you uncover a potential security issue, I earnestly request your assistance in reporting it through responsible channels. | ||
| I will, at some unknown point in the future, put a PGP key and an alternative email adress here. | ||
| I'm looking to overhaul my useage of e-mail in the near future, and so I'm going to wait until I've done that to move forwads with PGP | ||
|
|
||
| ### Contact Channels | ||
|
|
||
| **Primary (Email):** | ||
|
|
||
| - **Email**: Vulnerabilities can be reported to my iCloud Hide My Email address: [[email protected] ](mailto:[email protected]). | ||
|
|
||
| **Secondary (Signal):** | ||
|
|
||
| - For secure and private communication, you can reach me on [Signal](https://signal.me/#eu/Ui1-KTmlgnCbNj491iq3HSOJtrkY1aVHm4n0v97dvkGDbCqWsExOu66Fzg7-7iC9) | ||
| - Note: I get quite a lot of spam on signal, so I may thoughtlessly block and report you if your profile looks too much like a scammer. Firstly, sorry. Secondly, please reach out to me via another method. | ||
|
|
||
| **Tertiary (Social Media):** | ||
|
|
||
| - I can also be reached quickly on **X [@georgebaskervil](https://x.com/georgebaskervil)**: | ||
| Note: X offers an encrypted DMs feature for premium subsribers, which is better than regular DMs for enhanced privacy. | ||
| However, it's important to be aware that the platform's implementation of end-to-end encryption for DMs has been noted to have some flaws. | ||
| Please consider the sensitivity of the information when using this communication channel. | ||
|
|
||
| ### Response Process | ||
|
|
||
| I am committed to trying to review reports and respond promptly as follows: | ||
|
|
||
| ### Response Process | ||
|
|
||
| I am committed to reviewing reports and responding promptly as follows: | ||
|
|
||
| 1. I will try my best to acknowledge receipt of your report within 48 hours. | ||
| 2. I will try my best to provide an initial assessment within one week. | ||
| 3. I will try my best to work to understand the potential impact and determine an appropriate resolution timeline. | ||
| 4. I will try my best to release an update, if necessary, with due acknowledgment given to your contribution towards enhancing the security measures of this project (unless anonymity is requested). |