Drew DeVault on Nostr: What I have in mind: report to vendors and they file an advisory in a YAML format; ...
What I have in mind: report to vendors and they file an advisory in a YAML format; this is disseminated via web, JSON, plain text (can be forwarded to mailing lists), RSS feeds (per vendor), and an automated Mastodon feed.
Vendors get a page they can fill in with project details, security policies, who to report to, where to find security-related resources, etc.
Published at
2023-10-11 14:57:02Event JSON
{
"id": "c587aa0d712676c7a3b12022d09a3c7b4da64d36d38a0160b9f1abb9659953d7",
"pubkey": "05bbadaea41d30c3cf3b7fb1027622eb00cca66635fc9047053df7f9a54cb0c7",
"created_at": 1697036222,
"kind": 1,
"tags": [
[
"e",
"527a1dc7ea23894ace44eade1938ce4995bd85d8193387a65089ce766e76658d",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://fosstodon.org/users/drewdevault/statuses/111216965860245757",
"activitypub"
]
],
"content": "What I have in mind: report to vendors and they file an advisory in a YAML format; this is disseminated via web, JSON, plain text (can be forwarded to mailing lists), RSS feeds (per vendor), and an automated Mastodon feed.\n\nVendors get a page they can fill in with project details, security policies, who to report to, where to find security-related resources, etc.",
"sig": "1daea5bd0252f6842122e3dea49520056b3ddc2aea13e1c2b9eaf516ba9fa6dd747ee0770f35303287e3d005991770268bef2a5e264de5310efc1f1f30ce51e3"
}
