diff options
author | Loic Bistuer <loic.bistuer@sixmedia.com> | 2013-07-16 17:14:16 +0700 |
---|---|---|
committer | Loic Bistuer <loic.bistuer@sixmedia.com> | 2013-07-16 17:17:08 +0700 |
commit | aff0aa3af81b13e611c08000ae0c1f1d840b6c3c (patch) | |
tree | d194047a6ce30bfeee76a01079b1ceb867effff7 /docs/internals/security.txt | |
parent | 862a04a56d61238c8a9a159ce47d0fc879559a5c (diff) | |
download | django-aff0aa3af81b13e611c08000ae0c1f1d840b6c3c.tar.gz |
Rephrased the docs for reporting security issues to make it less intimidating.
Diffstat (limited to 'docs/internals/security.txt')
-rw-r--r-- | docs/internals/security.txt | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/docs/internals/security.txt b/docs/internals/security.txt index 7121ff31ec..486b2c9968 100644 --- a/docs/internals/security.txt +++ b/docs/internals/security.txt @@ -19,7 +19,7 @@ security@djangoproject.com**. Most normal bugs in Django are reported to `our public Trac instance`_, but due to the sensitive nature of security issues, we ask -that they *not* be publicly reported in this fashion. +that they **not** be publicly reported in this fashion. Instead, if you believe you've found something in Django which has security implications, please send a description of the issue via @@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward security issues into the private committers' mailing list for broader discussion if needed. -You can send encrypted email to this address; the public key ID for -``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this -public key is available from most commonly-used keyservers. - Once you've submitted an issue via email, you should receive an acknowledgment from a member of the Django development team within 48 hours, and depending on the action to be taken, you may receive further followup emails. +.. note:: + + If you want to send an encrypted email (*optional*), the public key ID for + ``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public + key is available from most commonly-used keyservers. + .. _our public Trac instance: https://code.djangoproject.com/query .. _security-support: |