# DivontrixDB Security Disclosure Policy # RFC 9113 compliant — https://www.rfc-editor.org/rfc/rfc9113.html # # If you found a security issue, thank you for reporting it responsibly. # We commit to acknowledging receipt within 48 hours and to keeping you # informed throughout the remediation process. Contact: mailto:security@divontrix.com # Fallback contact (monitored inbox): Contact: mailto:contact@divontrix.com # PGP key for encrypted disclosure (RSA 4096, expires 2028-07-02) # Fingerprint: 33F3F3DB33C3F8E129F7A2854D9B277142BEC696 Encryption-key: openpgp4fpr:33F3F3DB33C3F8E129F7A2854D9B277142BEC696 Canonical: /.well-known/pgp-key.asc Expires: 2027-12-31T23:59:00.000Z Preferred-Languages: en Policy: /#security Hiring: /#company # Acknowledgments: (add a /security/hall-of-fame page once researchers report) # Encryption: always encouraged, never required for initial contact.