Skip to content

Commit 46d543a

Browse files
davidfischerdavidfischer
committed
Update RTD security docs
1 parent 648e6fd commit 46d543a

File tree

5 files changed

+77
-41
lines changed

5 files changed

+77
-41
lines changed

docs/index.rst

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ Information about development is also available:
104104
settings
105105
i18n
106106
issue-labels
107+
security
107108
api/index
108109

109110
.. _business-docs:

docs/security.rst

Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
Security
2+
========
3+
4+
Security is very important to us at Read the Docs. We are committed to responsible reporting and disclosure of security issues.
5+
6+
Reporting a security issue
7+
~~~~~~~~~~~~~~~~~~~~~~~~~~
8+
9+
If you believe you've discovered a security issue at Read the Docs, please contact us at **[email protected]** (optionally using our :ref:`pgp-key`). We request that you please not publicly disclose the issue until it has been addressed by us.
10+
11+
You can expect:
12+
13+
* We will respond acknowledging your email typically within one business day.
14+
* We will follow up if and when we have confirmed the issue with a timetable for the fix.
15+
* We will notify you when the issue is fixed.
16+
* We will add the issue to our :ref:`security issue archive <security-issue-archive>`.
17+
18+
.. _pgp-key:
19+
20+
PGP key
21+
~~~~~~~
22+
23+
You may use this `PGP key`_ to securely communicate with us and to verify signed messages you receive from us.
24+
25+
.. _PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71337C3047A1B066
26+
27+
::
28+
29+
-----BEGIN PGP PUBLIC KEY BLOCK-----
30+
Version: SKS 1.1.0
31+
32+
mQENBE/U7XsBCADPGU00RobDzUzbrfbNHSY/KTr1qI1ZxYUxtp9k/lScTWa/zerbYQQrLdwd
33+
kQDh/qi7t/hoxW2rL63YOoX4Da80d7C3sfNq9Z3hPo1GY2cQnwmtkRr2dNzATm95U5cTFAt2
34+
SdxScxzZvPpTKukFRye+SExqQDKVAfZ/Ojt6tRFSky2dTIb0pWvu10vRwD4yNgV8ru8SOKtj
35+
JNMecyrlvhzdIb1FE1rV7KCPx7EIwf3GQqCFW1sMM3GJBLOtXH5CKsqhxri9pTsLgWMC4ESO
36+
QrX/ZFxlwmKbcvoaOWxNSR8wgu5NX6rScvcynDEe7xPH5wDVqgBXJJodvLtQLPWX4GZ3ABEB
37+
AAG0JUVyaWMgSG9sc2NoZXIgPGVyaWNAZXJpY2hvbHNjaGVyLmNvbT6JATwEEwECACYFAk/U
38+
7XsCGy8FCQeGH4AGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBxM3wwR6GwZnm9CADO171A
39+
H/nYyNAaaTufxEyvvxFL9DrCgZYD2rilfvXkh8+tRVEnA0HM8/5rr/KzfqT/EEKEmVDtrB1o
40+
hTXzLfE+ZsBqngEfp94/F4Fd/5fXM5DAKkZEIlHeOGpeD10m21nJoJ+uBxJZyoLyVd2FJhJv
41+
mJ1/ZBkdJS5odvUwgRbPZyseA9Ozff0Vdm303eXYZpIVSsTtuTsYg5A1/Mwa0BgIeo9Ml91O
42+
6MDCBrGmyb3NfkdEIcviF5zd3yb8331AwMGNJ+HA6u7oLgrPvpONfZxFwiOhfB2VSRBf4zfp
43+
gzw/8LyxaXlADnoLAefP8AbtQPUg+HRV/KeggsW8aM4J55RUuQENBE/U7XsBCACxj756cjlj
44+
cA6ivrB9NwXAna19ID7r/fKFBnZG94CPskH5FdXczNtxEeQe/LwxkjbAhVT2TYpHAt+yJphl
45+
8RbeC+KCtoqyJNDKHc9eGNAnCHpjtUMt+UTnx9lf5M209Z6EFmlGRo8QaiJ4Y7mH9T+E9OyT
46+
cp/iLhct2Rj4uKXwkn69YrSqpHYPTN8SbnKeRObmOT56ufLnvsPT6j+dhCURHDuJeVGBDyrX
47+
yki+yrqY/Bdvf+u3mpXUNBOkvzJSSYw0frZxkf2fV6hrfqw4ox+RH7UoMAq2snWj7soxmY0m
48+
1wKjmekV6AG0w5ZDLJKcN8i0BvxesSWlynQJQUm1vGA7ABEBAAGJAkQEGAECAA8FAk/U7XsC
49+
Gy4FCQeGH4ABKQkQcTN8MEehsGbAXSAEGQECAAYFAk/U7XsACgkQCbrTGsxPhhhxigf/Y5a+
50+
se1foq4lV5PCmUip+W34LBfEpaZaTWwxLzK35pgeS3f3cWe7ljohMA6qEuS5pksqjpdMYZrj
51+
hHihCTh7lu+gwdcf3I5rXKvtdoqz16NRl4E//RZ0tBvGTTeQgtFNp/Lom1QDnPM64W5bTinQ
52+
G1yUNiNGDi2k7IdzHL1iLtwpZsyiWDpAl8m0BDhpPLGfTzx3DI73AJFz7eevfSeGpAGHRcCS
53+
czyA6Ts2UY1clurITvTis4h3OKMqavtU7qN4/OehRxdEnbuzW/NPtJ+rar3oyzdPmsT+TkcN
54+
TTEM/sCrpjWJUa5hF4mqchEEudtmCWyoP5Av9nsn6vF9XjmxaPPRCAC5OAreWwNTcCfAkBtd
55+
nZLuHxPO4QnA0VEH5A4uCveH7x4CiSLRLJw0j76KRTjL23KNceW3Xs4uha7k7Xkq+uzmy2A6
56+
PoMsnhoVmOjh49Iq7vb8gv7WJvhUusGEFnLiD4chYIptdPiV3FuYHdQ/352fwh3DYgLRz9+A
57+
MSfdxN6HfgqPM8Coef0gh+8OstnWJpWBpE6kX8NJw5sZ8aJM8bZDhWro9tg0DVLE1SZ9GiuV
58+
HxVDrjba92q09KkdVvgifbXzlzsc4bnh+BWjpOkYKH39Q4LuQUySJLWlSkYHUKLpCnlrYfo/
59+
luSpsAyzljd2WIX4OVtbOodsJeBYutS2AxBO
60+
=yZOS
61+
-----END PGP PUBLIC KEY BLOCK-----
62+
63+
.. _security-issue-archive:
64+
65+
Security issue archive
66+
~~~~~~~~~~~~~~~~~~~~~~
67+
68+
It's only a matter of time...

readthedocs/templates/security.html

Lines changed: 5 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -2,50 +2,14 @@
22

33
{% load i18n %}
44

5-
{% load pagination_tags %}
6-
7-
{% block title %}Security{% endblock %}
5+
{% block title %}{% trans 'Security' %}{% endblock %}
86

97
{% block content %}
108

11-
Please email <a href="mailto:[email protected]">[email protected]</a> in the event of a security flaw discovered in Read the Docs.
12-
13-
You can sign your message with the following <a href="http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71337C3047A1B066">GPG key</a>:
14-
15-
<pre>
16-
-----BEGIN PGP PUBLIC KEY BLOCK-----
17-
Version: SKS 1.1.0
9+
<h2>{% trans 'Security at Read the Docs' %}</h2>
1810

19-
mQENBE/U7XsBCADPGU00RobDzUzbrfbNHSY/KTr1qI1ZxYUxtp9k/lScTWa/zerbYQQrLdwd
20-
kQDh/qi7t/hoxW2rL63YOoX4Da80d7C3sfNq9Z3hPo1GY2cQnwmtkRr2dNzATm95U5cTFAt2
21-
SdxScxzZvPpTKukFRye+SExqQDKVAfZ/Ojt6tRFSky2dTIb0pWvu10vRwD4yNgV8ru8SOKtj
22-
JNMecyrlvhzdIb1FE1rV7KCPx7EIwf3GQqCFW1sMM3GJBLOtXH5CKsqhxri9pTsLgWMC4ESO
23-
QrX/ZFxlwmKbcvoaOWxNSR8wgu5NX6rScvcynDEe7xPH5wDVqgBXJJodvLtQLPWX4GZ3ABEB
24-
AAG0JUVyaWMgSG9sc2NoZXIgPGVyaWNAZXJpY2hvbHNjaGVyLmNvbT6JATwEEwECACYFAk/U
25-
7XsCGy8FCQeGH4AGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBxM3wwR6GwZnm9CADO171A
26-
H/nYyNAaaTufxEyvvxFL9DrCgZYD2rilfvXkh8+tRVEnA0HM8/5rr/KzfqT/EEKEmVDtrB1o
27-
hTXzLfE+ZsBqngEfp94/F4Fd/5fXM5DAKkZEIlHeOGpeD10m21nJoJ+uBxJZyoLyVd2FJhJv
28-
mJ1/ZBkdJS5odvUwgRbPZyseA9Ozff0Vdm303eXYZpIVSsTtuTsYg5A1/Mwa0BgIeo9Ml91O
29-
6MDCBrGmyb3NfkdEIcviF5zd3yb8331AwMGNJ+HA6u7oLgrPvpONfZxFwiOhfB2VSRBf4zfp
30-
gzw/8LyxaXlADnoLAefP8AbtQPUg+HRV/KeggsW8aM4J55RUuQENBE/U7XsBCACxj756cjlj
31-
cA6ivrB9NwXAna19ID7r/fKFBnZG94CPskH5FdXczNtxEeQe/LwxkjbAhVT2TYpHAt+yJphl
32-
8RbeC+KCtoqyJNDKHc9eGNAnCHpjtUMt+UTnx9lf5M209Z6EFmlGRo8QaiJ4Y7mH9T+E9OyT
33-
cp/iLhct2Rj4uKXwkn69YrSqpHYPTN8SbnKeRObmOT56ufLnvsPT6j+dhCURHDuJeVGBDyrX
34-
yki+yrqY/Bdvf+u3mpXUNBOkvzJSSYw0frZxkf2fV6hrfqw4ox+RH7UoMAq2snWj7soxmY0m
35-
1wKjmekV6AG0w5ZDLJKcN8i0BvxesSWlynQJQUm1vGA7ABEBAAGJAkQEGAECAA8FAk/U7XsC
36-
Gy4FCQeGH4ABKQkQcTN8MEehsGbAXSAEGQECAAYFAk/U7XsACgkQCbrTGsxPhhhxigf/Y5a+
37-
se1foq4lV5PCmUip+W34LBfEpaZaTWwxLzK35pgeS3f3cWe7ljohMA6qEuS5pksqjpdMYZrj
38-
hHihCTh7lu+gwdcf3I5rXKvtdoqz16NRl4E//RZ0tBvGTTeQgtFNp/Lom1QDnPM64W5bTinQ
39-
G1yUNiNGDi2k7IdzHL1iLtwpZsyiWDpAl8m0BDhpPLGfTzx3DI73AJFz7eevfSeGpAGHRcCS
40-
czyA6Ts2UY1clurITvTis4h3OKMqavtU7qN4/OehRxdEnbuzW/NPtJ+rar3oyzdPmsT+TkcN
41-
TTEM/sCrpjWJUa5hF4mqchEEudtmCWyoP5Av9nsn6vF9XjmxaPPRCAC5OAreWwNTcCfAkBtd
42-
nZLuHxPO4QnA0VEH5A4uCveH7x4CiSLRLJw0j76KRTjL23KNceW3Xs4uha7k7Xkq+uzmy2A6
43-
PoMsnhoVmOjh49Iq7vb8gv7WJvhUusGEFnLiD4chYIptdPiV3FuYHdQ/352fwh3DYgLRz9+A
44-
MSfdxN6HfgqPM8Coef0gh+8OstnWJpWBpE6kX8NJw5sZ8aJM8bZDhWro9tg0DVLE1SZ9GiuV
45-
HxVDrjba92q09KkdVvgifbXzlzsc4bnh+BWjpOkYKH39Q4LuQUySJLWlSkYHUKLpCnlrYfo/
46-
luSpsAyzljd2WIX4OVtbOodsJeBYutS2AxBO
47-
=yZOS
48-
-----END PGP PUBLIC KEY BLOCK-----
49-
</pre>
11+
{% blocktrans %}
12+
For more details on security at Read the Docs or to report a security issue, please see our <a href="https://docs.readthedocs.io/en/latest/security.html">security policy</a>.
13+
{% endblocktrans %}
5014

5115
{% endblock %}

readthedocs/templates/security.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Policy: https://docs.readthedocs.io/en/latest/security.html

readthedocs/urls.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,8 @@
3434
url(r'^$', HomepageView.as_view(), name='homepage'),
3535
url(r'^support/', SupportView.as_view(), name='support'),
3636
url(r'^security/', TemplateView.as_view(template_name='security.html')),
37+
url(r'^.well-known/security.txt',
38+
TemplateView.as_view(template_name='security.txt', content_type='text/plain')),
3739
]
3840

3941
rtd_urls = [

0 commit comments

Comments
 (0)