Document how to report security issues.

[wiki] / contact.mdwn

diff --git a/contact.mdwn b/contact.mdwn
index 778c3a8..5ba929c 100644 (file)
--- a/contact.mdwn
+++ b/contact.mdwn
@@ -27,3 +27,9 @@ run your IRC client in screen just like us, just ask your question
 and wait. If you cannot stay on IRC and really want to ask a
 question, please do so via email, see above.
 A history of the channel is available on request.
+
+### Reporting security issues
+
+In case you have found a security issue in tinc, please report it via email
+to Guus Sliepen <guus@tinc-vpn.org>, preferrably PGP encrypted.
+We will then try to get a CVE number assigned, and coordinate a bugfix release with major Linux distributions.