Skip to content

disclose/dnssecuritytxt

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

63 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

dnssecuritytxt — publish your security contact in DNS · disclose.io

dnssecuritytxt

A standard for nominating security contact points & policies via DNS TXT records — discoverable before a researcher even loads your site.

MIT license Draft standard @dnssecuritytxt on Twitter Feedback welcome

Part of the disclose.io Project — the open, vendor-neutral infrastructure for vulnerability disclosure. Browse the ecosystem →


A standard allowing organizations to nominate security contact points and policies via DNS TXT records.

This proposal was first made public on March 25, 2021 and is currently a draft. We welcome comments and feedback! To make suggestions please submit a PR via Github or submit a ticket. Thanks for your interest!

IETF Internet-Draft

The proposed Standards Track Internet-Draft is maintained in ietf/:

The draft makes _security.<domain> the normative owner name, requires an RFC 3339 security_expires timestamp, and requests registration of the _security TXT node name under RFC 8552.

Find us on Twitter: https://twitter.com/dnssecuritytxt.

Created with <3 by John Carroll and Casey Ellis for The disclose.io Project.

About

A standard allowing organizations to nominate security contact points and policies via DNS TXT records.

Topics

Resources

License

Security policy

Stars

35 stars

Watchers

2 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages