securitytxt/security-txt issues and pull requests

#89 - Fixing NITS suggestions (#82) and adding some tagging (#84)

Pull Request - State: closed - Opened by nightwatchcyber over 6 years ago

#88 - Move draft branch to master.

Pull Request - State: closed - Opened by EdOverflow over 6 years ago

#87 - Tighten description of "links", particularly around relative URLs

Issue - State: closed - Opened by strugee over 6 years ago - 6 comments
Labels: ➡ Signature:

#86 - Awkward sentence

Issue - State: closed - Opened by strugee over 6 years ago - 2 comments

#85 - Present at next IETF meeting

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ⛃ IETF

#84 - Decide on branching/tagging

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ▶️ repo

#83 - Check ABNF grammar against ABNF checkers

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 3 comments
Labels: § ABNF

#82 - Address issues from the IETF NITS tool

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ▶️ spec, ⛃ IETF

#81 - Start working on draft version 03.

Pull Request - State: closed - Opened by EdOverflow over 6 years ago - 1 comment

#80 - Define hypermedia relations

Issue - State: closed - Opened by nickshanks over 6 years ago - 12 comments
Labels: ➡ New directive?, future work

#79 - Contact should always be a URI

Issue - State: closed - Opened by nickshanks over 6 years ago - 2 comments
Labels: duplicate, ➡ Contact:

#78 - Add security as a txt record in DNS

Issue - State: closed - Opened by jacorbello over 6 years ago - 1 comment
Labels: duplicate

#77 - Security considerations too weak for a cracked Web site

Issue - State: closed - Opened by bortzmeyer over 6 years ago - 9 comments
Labels: § Security

#76 - Request fields registry to be created by IANA

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments

#75 - Register security.txt file with IANA

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 4 comments
Labels: ⛃ IANA, on hold

#74 - Move Appendix A to the top of the draft, clarifying where the draft is being worked on

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 1 comment
Labels: ▶️ spec

#73 - Expand security considerations section to explain parsing issues

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 3 comments
Labels: § Security, TODO

#72 - Add language clarifying root directory as a fall back option

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 3 comments
Labels: ▶️ spec

#71 - Why bare line feeds?

Issue - State: closed - Opened by bortzmeyer over 6 years ago - 4 comments
Labels: § ABNF

#70 - Unicode plain text

Issue - State: closed - Opened by bortzmeyer over 6 years ago - 3 comments
Labels: § ABNF

#69 - Subdomains?

Issue - State: closed - Opened by bortzmeyer over 6 years ago - 10 comments
Labels: § Location

#68 - Define content-type for the response

Issue - State: closed - Opened by ScottHelme over 6 years ago - 7 comments
Labels: ▶️ spec

#67 - Add CI integration for automatic regeneration of draft artifacts

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 2 comments
Labels: ▶️ repo

#66 - Languages updates for the draft text

Pull Request - State: closed - Opened by martijnrusschen over 6 years ago - 4 comments

#65 - Mention that websites should reserve the security.txt namespace in the "Security Considerations" section.

Issue - State: closed - Opened by EdOverflow over 6 years ago - 1 comment
Labels: § Security

#64 - Using Encryption: for Policy: directive in draft-02's example.

Issue - State: closed - Opened by EdOverflow over 6 years ago - 4 comments
Labels: typo, ▶️ spec

#63 - Adding language to clarify Contact values as per issue #62

Pull Request - State: closed - Opened by nightwatchcyber over 6 years ago

#62 - Should "Contact" be a URI or broken out into email and telephone?

Issue - State: closed - Opened by nightwatchcyber over 6 years ago - 6 comments
Labels: ➡ Contact:, § ABNF

#61 - Adding history section, and addressing issues #55 and #14

Pull Request - State: closed - Opened by nightwatchcyber over 6 years ago - 1 comment

#60 - Signature file should be added to the Well-Known URI's registry

Pull Request - State: closed - Opened by rhymeswithmogul almost 7 years ago - 1 comment

#59 - Signature file should be added to the Well-Known URIs registry, too

Issue - State: closed - Opened by rhymeswithmogul almost 7 years ago - 2 comments

#58 - Cpanel - adding it to all new sites

Issue - State: closed - Opened by random-robbie almost 7 years ago - 1 comment
Labels: enhancement

#57 - Adding author

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 1 comment

#56 - Fix "File systems" code block in the draft.

Issue - State: closed - Opened by EdOverflow almost 7 years ago - 1 comment
Labels: bug

#55 - Make it clear that security.txt.sig files should be served over HTTPS.

Issue - State: closed - Opened by EdOverflow almost 7 years ago - 2 comments

#54 - Expand on concerns around attackers changing security.txt

Issue - State: closed - Opened by nightwatchcyber almost 7 years ago - 2 comments
Labels: discussion

#53 - Include link to disclosure policy

Issue - State: closed - Opened by jeroenh almost 7 years ago - 5 comments
Labels: discussion

#52 - Explaining how this is different from RFC2142

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 1 comment

#51 - Add a definition for a bounty program information page

Issue - State: closed - Opened by wabbenhuis almost 7 years ago - 2 comments

#50 - Adding IANA registry for extensibility to address issue #34

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 1 comment

#49 - Adding IANA registry for extensibility to address issue #34

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 2 comments

#48 - Adding IANA registration for .well-known and removing date

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 1 comment

#47 - Removing non-markdown draft version

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 1 comment
Labels: enhancement

#46 - Conversion to markdown and adding IETF drafting tools

Pull Request - State: closed - Opened by nightwatchcyber almost 7 years ago - 1 comment
Labels: enhancement

#45 - Fix Typo and Shield Link

Pull Request - State: closed - Opened by tanto259 almost 7 years ago - 1 comment
Labels: typo

#44 - chore(text): fix grammar

Pull Request - State: closed - Opened by lirantal almost 7 years ago - 2 comments
Labels: typo

#43 - Add a description for the purpose of the "Acknowldegements:" directive.

Issue - State: closed - Opened by EdOverflow almost 7 years ago - 1 comment

#42 - npm package for security-txt?

Issue - State: closed - Opened by gergelyke almost 7 years ago - 3 comments
Labels: question, tools

#41 - Have a consistent visual design

Issue - State: closed - Opened by nmaxcom almost 7 years ago - 4 comments
Labels: ▶️ website, design

#40 - Listing third-party libraries/parsers

Issue - State: closed - Opened by adamdecaf almost 7 years ago - 1 comment
Labels: question, tools

#39 - updated issues shield/link

Pull Request - State: closed - Opened by austinheap almost 7 years ago - 1 comment
Labels: typo

#38 - warrant canary url field

Issue - State: closed - Opened by jefforulez almost 7 years ago - 8 comments
Labels: discussion

#37 - Do we need to add some LICENSE with this project?

Issue - State: closed - Opened by himanshudas almost 7 years ago - 3 comments
Labels: discussion

#36 - Removes disclosure field from template

Pull Request - State: closed - Opened by tomnomnom almost 7 years ago

#35 - Allow to store "security.txt" contents in DNS TXT RR

Issue - State: closed - Opened by m-ueberall almost 7 years ago - 20 comments
Labels: future work

#34 - Other fields?

Issue - State: closed - Opened by hackerfactor almost 7 years ago - 1 comment
Labels: discussion

#33 - Onion addresses?

Issue - State: closed - Opened by hackerfactor almost 7 years ago - 2 comments
Labels: discussion

#32 - Clarify which directives are required

Issue - State: closed - Opened by eliihen almost 7 years ago - 2 comments
Labels: discussion

#31 - Joining with humans.txt

Issue - State: closed - Opened by noameppel almost 7 years ago - 12 comments
Labels: discussion

#30 - Allow to mark properties that do not allow security testing ("Permission")

Issue - State: closed - Opened by koto almost 7 years ago - 17 comments
Labels: ➡ New directive?, future work

#29 - Serve from /.well-known/security.txt

Issue - State: closed - Opened by gazoakley almost 7 years ago - 1 comment
Labels: duplicate

#28 - Ability to reference existing type 61 OPENPGPKEY DNS resource records

Issue - State: closed - Opened by m-ueberall almost 7 years ago - 5 comments
Labels: § Location

#27 - add "unfurl" link-preview summary to main website

Issue - State: closed - Opened by markhu almost 7 years ago - 1 comment

#26 - Multiple issues

Issue - State: closed - Opened by hackerfactor almost 7 years ago - 8 comments
Labels: discussion

#25 - Clarification and justification of relationship to RFC 2142

Issue - State: closed - Opened by dennypage almost 7 years ago - 13 comments
Labels: enhancement

#24 - Shipped products?

Issue - State: closed - Opened by ddillard about 7 years ago - 2 comments
Labels: question

#23 - E-mail address in clear text is a bad idea

Issue - State: closed - Opened by wimg about 7 years ago - 4 comments
Labels: discussion

#22 - Add some form of support for encrypting details

Issue - State: closed - Opened by Plazmaz about 7 years ago - 1 comment

#21 - exclusion / inclusion semantics

Issue - State: closed - Opened by jamesdavisjisc about 7 years ago - 1 comment
Labels: discussion

#20 - Disallow automated testing

Issue - State: closed - Opened by Arinerron about 7 years ago - 3 comments
Labels: enhancement

#19 - Verifying policy authenticty

Issue - State: closed - Opened by jskiba99 about 7 years ago - 5 comments
Labels: question

#18 - Consider submitting this to the IETF as a draft RFC

Issue - State: closed - Opened by lachlanhunt about 7 years ago - 2 comments
Labels: enhancement

#17 - Valid values for fields

Issue - State: closed - Opened by bAndie91 about 7 years ago - 2 comments
Labels: question

#16 - Allow environmental scores to be set for in-scope assets

Issue - State: closed - Opened by jobertabma about 7 years ago - 2 comments
Labels: enhancement

#15 - Use CWE for vulnerability type directive

Issue - State: closed - Opened by jobertabma about 7 years ago - 2 comments
Labels: enhancement

#14 - Track previous versions of security.txt file

Issue - State: closed - Opened by jobertabma about 7 years ago - 5 comments
Labels: discussion

#13 - Merge Platform and Security-page directive

Issue - State: closed - Opened by jobertabma about 7 years ago - 2 comments
Labels: discussion

#12 - Use JSON?

Issue - State: closed - Opened by oreoshake about 7 years ago - 28 comments
Labels: § File Format

#11 - Fix incorrect format

Pull Request - State: closed - Opened by xiaoyinl about 7 years ago - 1 comment
Labels: typo

#10 - Add security.txt generation utils

Issue - State: closed - Opened by emanuelb about 7 years ago - 5 comments
Labels: enhancement, hacktoberfest