Adopt the Rust CoC; use mailing list for vuln reports

2021-08-08 11:12:16 +01:00 · 2021-08-08 11:12:16 +01:00 · 2822f9e795
parent 4bda1083aa
commit 2822f9e795
3 changed files with 13 additions and 2 deletions
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -0,0 +1,5 @@
+# Code of conduct
+
+This project adopts the [Rust Code of Conduct](https://www.rust-lang.org/policies/code-of-conduct).
+Please email rustls-mod@googlegroups.com to report any instance of misconduct, or if you
+have any comments or questions on the Code of Conduct.
--- a/README.md
+++ b/README.md
@ -313,3 +313,9 @@ Rustls is distributed under the following three licenses:
 These are included as LICENSE-APACHE, LICENSE-MIT and LICENSE-ISC
 respectively.  You may use this software under the terms of any
 of these licenses, at your option.
+
+# Code of conduct
+
+This project adopts the [Rust Code of Conduct](https://www.rust-lang.org/policies/code-of-conduct).
+Please email rustls-mod@googlegroups.com to report any instance of misconduct, or if you
+have any comments or questions on the Code of Conduct.
--- a/SECURITY.md
+++ b/SECURITY.md
@ -6,8 +6,8 @@ Security fixes will be backported to the most recent three minor version lines.

 ## Reporting a Vulnerability

-Please report security bugs by filing a github issue, or by
-email to jbp@jbp.io if you want to disclose privately.  I'll then:
+Please report security bugs by email to rustls-security@googlegroups.com.
+We'll then:

 - Prepare a fix and regression tests.
 - Backport the fix and make a patch release for most recent release.