mirror of
https://github.com/dashpay/dash.git
synced 2024-12-27 13:03:17 +01:00
8bcfec2167
90f1f849e9f5a0c1855b72824af38b9aa24d5287 doc: Suggest `keys.openpgp.org` as keyserver in SECURITY.md (Tim Ruffing) Pull request description: `--recv-keys` without a `--keyserver` arg simply failed for me on a fresh Arch Linux installation, so I think it's a good idea to suggest a keyserver. OpenPGP ecosystem is broken in a number of ways, so the right way to approach this issue has some potential for bikeshedding. But the only thing that this PR does is to keep `SECURITY.md` in line with the instructions for builder keys, where there was agreement on switching to `keys.openpgp.org` (#22688). ACKs for top commit: MarcoFalke: review ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287 laanwj: Review ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287 hebasto: ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287, agree with arguments above. Zero-1729: ACK 90f1f849e9f5a0c1855b72824af38b9aa24d5287 Tree-SHA512: 1ab20c837cd952aa32b57473772cbfd33411a08db6e88b951bce38f76a3c509c0e91d6944ec0ca5eac8d5eb4d98a5489276d55691328f2e2556b2640f8e7c108
23 lines
804 B
Markdown
23 lines
804 B
Markdown
# Security Policy
|
||
|
||
## Supported Versions
|
||
|
||
| Version | Supported |
|
||
| ------- | ------------------ |
|
||
| 0.17 | :white_check_mark: |
|
||
| 0.16 | :white_check_mark: |
|
||
| < 0.16 | :x: |
|
||
|
||
## Reporting a Vulnerability
|
||
|
||
To report security issues send an email to security@dash.org (not for support).
|
||
|
||
The following keys may be used to communicate sensitive information to developers:
|
||
|
||
| Name | Fingerprint |
|
||
|------|-------------|
|
||
| UdjinM6 | 3F5D 48C9 F002 93CD 365A 3A98 8359 2BD1 400D 58D9 |
|
||
| Pasta | 2959 0362 EC87 8A81 FD3C 202B 5252 7BED ABE8 7984 |
|
||
|
||
You can import a key by running the following command with that individual’s fingerprint: `gpg --keyserver hkps://keys.openpgp.org --recv-keys "<fingerprint>"` Ensure that you put quotes around fingerprints containing spaces.
|