On Fri, 7 Aug 2020, Jay Daley wrote:
Is the overall effort here really just framing what the security.txt for all IETF-LLC properties/things should be?Is it your recommendation that we publish a security.txt? If we were to then I would imagine it would do no more than point to this policy.
Please don't publish a security.txt file. See the previous discussions on SAAG why security.txt is not useful, and actually harmful. Paul
