Policy
We're pretty simple when it comes to coordinated vulnerability disclosures.
- Security issues with our site or infrastructure can be reported to security@kedalion.nl.
- We will acknowledge anyone who reports issues, here on this page.
- We do not have a bug bounty program, but will offer a small monetary compensation for critical security issues.
- Spam issues may be reported to abuse@kedalion.nl.
- And yes, we have a security.txt.
More information about the security.txt standard can be found here.
Tess' public key for S/MIME email can be found here.
Acknowledgements
Thanks to:
- Vaibhav Jain, for suggesting we setup MTA STS. (Jan 2025)
- Dankel Ahmed, for reminding us that our hosting provider doesn't support DNS SEC. (Jan 2025)
- Ashok Kumar Pareek, for suggesting we implement a TLS RPT record. (Apr 2025)