diff options
| author | Tim Graham <timograham@gmail.com> | 2013-07-16 03:20:59 -0700 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2013-07-16 03:20:59 -0700 |
| commit | ce5c8a392f2f0e08d2d100c369ae28a3e86f4efc (patch) | |
| tree | d194047a6ce30bfeee76a01079b1ceb867effff7 /docs | |
| parent | 862a04a56d61238c8a9a159ce47d0fc879559a5c (diff) | |
| parent | aff0aa3af81b13e611c08000ae0c1f1d840b6c3c (diff) | |
Merge pull request #1358 from loic/docs
Rephrased the docs for reporting security issues to make it less intimidating.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/internals/security.txt | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/docs/internals/security.txt b/docs/internals/security.txt index 7121ff31ec..486b2c9968 100644 --- a/docs/internals/security.txt +++ b/docs/internals/security.txt @@ -19,7 +19,7 @@ security@djangoproject.com**. Most normal bugs in Django are reported to `our public Trac instance`_, but due to the sensitive nature of security issues, we ask -that they *not* be publicly reported in this fashion. +that they **not** be publicly reported in this fashion. Instead, if you believe you've found something in Django which has security implications, please send a description of the issue via @@ -28,15 +28,17 @@ reaches a subset of the core development team, who can forward security issues into the private committers' mailing list for broader discussion if needed. -You can send encrypted email to this address; the public key ID for -``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this -public key is available from most commonly-used keyservers. - Once you've submitted an issue via email, you should receive an acknowledgment from a member of the Django development team within 48 hours, and depending on the action to be taken, you may receive further followup emails. +.. note:: + + If you want to send an encrypted email (*optional*), the public key ID for + ``security@djangoproject.com`` is ``0xfcb84b8d1d17f80b``, and this public + key is available from most commonly-used keyservers. + .. _our public Trac instance: https://code.djangoproject.com/query .. _security-support: |
