A File Format to Aid in Security Vulnerability Disclosure
RFC 9116

Received changes through RFC Editor sync (created alias RFC 9116, changed abstract to 'When security vulnerabilities are discovered by researchers, proper reporting channels are often lacking.  As a result, vulnerabilities may be left unreported.  This document defines a machine-parsable format ("security.txt") to help organizations describe their vulnerability disclosure practices to make it easier for researchers to report vulnerabilities.', changed pages to 21, changed standardization level to Informational, changed state to RFC, added RFC published event at 2022-04-27, changed IESG state to RFC Published)