Update the VDP and add the .well-known/security.txt meta file

SECURITY.md

@@ -10,14 +10,14 @@ At the European Commission, we treat the security of our Communication and Infor
 ## If you have identified a vulnerability, please do the following
 
 - E-mail your findings to <EC-VULNERABILITY-DISCLOSURE@ec.europa.eu>, specifying whether or not you agree to your name or pseudonym being made publicly available as the discoverer of the problem.
-- Encrypt your findings using our [PGP key](https://sks.hnet.se/pks/lookup?search=EC-VULNERABILITY-DISCLOSURE%40ec.europa.eu&fingerprint=on&op=index) to prevent this critical information from falling into the wrong hands.
-- Provide us sufficient information to reproduce the problem so that we can resolve it as quickly as possible. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation in terms of technical information or potential proof-of-concept code.
+- Encrypt your findings using our [PGP key](https://pgp.mit.edu/pks/lookup?op=get&search=0x6773AACDF09F6628) to prevent this critical information from falling into the wrong hands.
+- Provide us with sufficient information to reproduce the problem so that we can resolve it as quickly as possible. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be sufficient, but complex vulnerabilities may require further explanation in terms of technical information or potential proof-of-concept code.
 - Provide your report in English, preferably, or in any other official language of the European Union.
 - Inform us if you agree to make your name/pseudonym publicly available as the discoverer of the vulnerability.
 
 ## Please do not do the following
 
-- Do not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability, deleting, or modifying other people’s data.
+- Do not take advantage of the vulnerability or problem you have discovered, for example, by downloading more data than necessary to demonstrate the vulnerability, deleting, or modifying other people’s data.
 - Do not reveal any data downloaded during the discovery to any other parties.
 - Do not reveal the problem to others until it has been resolved.
 - Do not perform the following actions:
@@ -29,7 +29,7 @@ At the European Commission, we treat the security of our Communication and Infor
   - Changing access rights for any other users.
   - Using automated scanning tools.
   - Using the so-called "brute force" of access to the system.
-  - Using denial-of-service or social engineering (phishing, vishing, spam etc.).
+  - Using denial-of-service or social engineering (phishing, vishing, spam, etc.).
 - Do not use attacks on physical security.
 
 ## What we promise

security/.well-known /security.txt

@@ -0,0 +1,6 @@
+Contact: mailto:EC-VULNERABILITY-DISCLOSURE@ec.europa.eu,
+Expires: 2025-12-31T23:59:59.000Z
+Encryption: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/blob/main/security/pgp-key.txt
+Preferred-Languages: en
+Canonical: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/blob/main/security/.well-known/security.txt
+Policy: https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework/blob/main/SECURITY.md

security/pgp-key.txt

@@ -0,0 +1,99 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: SKS 1.1.6
+Comment: Hostname: pgp.mit.edu
+
+mQINBGB0SvgBEADdvQmw+kfNqunbTXwui3uLdF9HymnTyGUREsCn3bxdFDcdY2WfThI/7Sfz
+pRI8cr4Zcl9ZQPHkg+t0Yx59wQMWxGGB/jZ7+xZ7YnwPeESFDX2/zq3dC9PyCvAiTI8H6nFQ
+APNfn+wq5JsLwRcG4F9NFH93U1Q4rGhiCHFx+yvBIB8W19b6T87Nh1Ikhpkl7z/1bAfgccHK
+EtbU//9k3dj3YvKvQrp/BzRIVwDRBTqFKKRi/aL6fvC0IsFYJKZab9OvdXlyD5/wUJYrYtQE
+zAPwc/m11bNPBJvNLYqz3gs5s8XOVz6Crqrvsb5qLkB12nZt7G+Mry3rDizqGi2jCUyt6jaf
+ARF8kD3+oohp2isFrEuY/3hHK/6Sbas//toruXLa4gZvGq9TdwGST/bZechibDUaGT9UWyaj
+EgDI9xQ8rbPzqh98U3c+5xFmyyETryHqtUHqKkpm3JA6hb/s3r+XxKmWd1IlcjgMr7mJtnwY
+zwNDfEfMzH2AwAPdDB4Ru1qaJMRaxfX6hGqXdtj+0CSPE2eOgYgB24dSFIhjF8kmvnydopaa
+n8nPmV7Vv4nxo2dIqJvcfkrakZMAlmtLHAg64SFkGAkrxaOzNiRXtTP8EjM/p7AktnXeYuGQ
+c56O/FsCCCPmEVRIHsWEC1EGKBrOxiYmR9OfRUaq/hBHJ3PTtQARAQABtEZFQyBWVUxORVJB
+QklMSVRZIERJU0NMT1NVUkUgPEVDLVZVTE5FUkFCSUxJVFktRElTQ0xPU1VSRUBlYy5ldXJv
+cGEuZXU+iQEzBBABCAAdFiEEXpWfQC94SQf0rZEnsot02u2nX4kFAmJDCj0ACgkQsot02u2n
+X4mQfAf/Wz10UmEmdu169u3xvkfMcUO2bkkC7OzsZyO1hEp9LUD0Xb1uZOT3pRJtvC3HN5n0
+EI4XB1dg69qC7i7no0glPut3wRkpUnQqu4Eeel3TlJVbl/6bwgqra8YvUY+9AvV6T0KRShyn
+vZe7Hn7b0FGySobZKptrSxh5AUzTPr1mfWi75KvwV1WyT7dbJ1+3McEBaephWi4GUCar631s
+bl14CaLqqwuE7VTDJkpSvNU8Xenb/ZXtG/Xq7mgBc+Z1Ed2psNRm9LnuTfzRzr9C2OXLeL+g
+DvALUO47SOAb55KViZ+c3U0zD/uppOkqo06BYOzV92jhGhOdDWsJPExJKUQSRYkBMwQQAQgA
+HRYhBF6Vn0AveEkH9K2RJ7KLdNrtp1+JBQJiQwu/AAoJELKLdNrtp1+JXvEIALjAXjg1CA0Z
+vvXiL7eDOU+Ur9nCvTBLStuwCtAPBgbaaKPhuRTviS+uxQepEfsvoUawQgOnd1Xp9OAbKiUp
+LgsBdBQw6hsisFtvHtw+cimwv05EXmc83esZKrSx1A4rzQxM/wVc/bfnS9BbPfWIvNwyRnSj
+JlFsIvlbI+rrk05mZU3EMipjTca3EhQdVhHOcF5mq+gIhwyhLGs8UpTmd3n0fnom4Ogtn6XO
+f0hAa1WkKezS3jPjZ9StcR+LFA8ThtUpuMG4JArsihgAnD7h9HAscSo0DtUVqdl5H36UgH/H
+VUFAvqWBffmjc4nwRtW9GvcfPQAEkVvczoy4somirquJATMEEAEIAB0WIQRelZ9AL3hJB/St
+kSeyi3Ta7adfiQUCZOX8hwAKCRCyi3Ta7adfibonB/4q73G/63vyCDTIIUfcmx+OAe/FZnkM
+KjXFnlch1p8dMKBLqHd4anj8BnOYHSyBA1uGDPhivYeNE0LX8DZ25qTCw6MDHxeUjl7yDrOW
+4cUMVtY/aCFQkNJkD8own5Nyf4Al5QBfFyUWT0BmZBqLdcSZpsB5ATD6XoippVvJX/QYen6s
+xymdBnq1zvkTb6e9EtBi+OSUFdsUsHS+Z3P49LUDrYiIbHjScPAMI779opVWx0ShsGYgJlmn
+VoGXP8ggGg0VYJZwF4O4zi2Dh+vZZr5gnc2raX5ZQ2bqG8BWktNABPWxCSb/j7litSKsGdF4
+E5M8XtPZAPNv3QlgoKp4sNl+iQJUBBMBCAA+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA
+FiEER2BObTDbig6L3gVdZ3OqzfCfZigFAmJmt6AFCQPUAmYACgkQZ3OqzfCfZiiLXxAAvU1g
+ljMEfSSOfCIYDFWb8BLRiYiEnrkA/0QvL9Ul49qw0ZT0JVMH0FcAKDWL2injESEiqQeae9v+
+AuH9KtgW5dFML6zX5eZjC6E4nGcMGTCuUNwvhxiUqjtBixmu9dnuvJGmgxZn/dMpMfByYYve
+EcbdKmU7ZzK4h0WFL5nX4c2WF50v4W9LhZ6EjZHTjIZy2QrVdsr2qiTFfya8/DPV0HmPoCrI
+SIE/UIZc3FoUFnZB2VnMYhBnZKMNRgSAiogHW7ilg9NUTAs9ztVX7ln39fEIpT9vs0bbLF8y
+G4cHrzIgrTu2Ft88xN6KhP1JE8UWwlsDMU7peyXAvtwBoloIiH/Vm7TxNfCYsxJYO/TA7div
+6XVT/RcatTFPRf7eIZnFDL39lStfc14CtsQZbhA5hNl+IV2TLgo7NH8ZOpeTMeR88g2Jrlwc
+cUFi204F1bYVpc4CnKhed4frhD5D9/dfBIND869o4z+fA7lKw7eQ3zm3ZEiA/Jsu4bdk6VKC
+cVFPGQ8r0yDOiDgae8FXYkiuuPKE0a66Nf69dL27qTRTWzjTwnWwtSq6oTGnH7jX5qyjHRU9
+mNlpDoUJkhnpuaX3fj6AOEIr9+gs6t89GwFAUG+cH0UbBMuQwVVRX+MzfAKnuTH1WDKXa9T+
+TkQB6TY/O/+2kR6kZFmXhHAsoREXayCJAlQEEwEIAD4CGwMFCwkIBwIGFQoJCAsCBBYCAwEC
+HgECF4AWIQRHYE5tMNuKDoveBV1nc6rN8J9mKAUCZFyuVwUJBcpN5wAKCRBnc6rN8J9mKAe2
+D/4jnI1u48JUrI5F/GSlVTiJPOf699TzFwOLayIxGAHZol5+pRRdCzEUr2GFENV1VNS6oo1d
+E0UQ6ygWdFye48crD5jzMccLCsAiHSBVDRugJNMVjTJnrOwVTdvpDHLSpEm9uYze6RnvrVcY
+KRnEmhf8erxAYbM5UBhTnneKfhVVVEMyJ3a6UcYPBPHOL64sYH1bhdC0MBxIkZLu8CeikGwI
+oudNKx/ns+GLlnnGJ38RHxVysiwGW9bZSwicaFN9HNRtv8S3JjQrrrS3ujTCOE9BbjySII05
+QY/2XddcBIB2UfJmPHRi8wZix6Lut3szrRQc/eHzeY+lu1Q95pvqMQH4m2G/wQtdf1n3qvNa
+CzGtd3qnePN+Ndep7GvRXL8upd3FEDe5wu1GB6ZnuKadQkGAejgRYp5qMC4kEgD2M3QT9vYc
+DFI8El5pM4X3ESMim7RuMn1lL7NMrDPvlltY6fTBfTe5cud3pxikTiIiOkHhgtp8QLVbDNEe
+auGbhJuejYfuITYpvqUhmg3j3yoa0cd+DLKkVSTKoTCLu31oXiJLBJ2zQuSHZU/GOF3jRw7Z
+RtbgdTRcIFMXROO650PsPdp8VsXFpLuulO9nGElDtYUuq0Ia2dYlhxLqcPrZdxBRL19fPbZJ
+AXkrkAL66Dms5d3q/dWkcLtF32BNa7mRDr8UaYkCVAQTAQgAPhYhBEdgTm0w24oOi94FXWdz
+qs3wn2YoBQJgdEr4AhsDBQkB4QKoBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEGdzqs3w
+n2YodkEQAJevULEYkA7Wu8C8kNIdH/FMCAGx3PAY0AiKzoUH2r5juX4SrxnFQA+G+sFXHJ9q
+9adUQ7hju/0S9lA5uF4EGW7IxfQ5vJFDTh12sz9qPr9Pz58QVZTBtMfwWwVpH7+ePtapMG9Z
+enb/dMI7/GYkNpvBr+cqQPyF2L3ddzGkqKtjvme04vgMVx6MInmdW5Mf2+lUjbCOM6KUiZU+
+SCku4fRuA+Wnvq5GmWbVOIXmXK8VEUx0Xnp7aG1gpOXrkgykNh/67j2drjoFDsInkaU1Z8vc
+IYhoXOVeIz0YegY8DEMEia3kFFjNH5wXGUy3l1jbtzMvlwgn/Ly/KNeY8ME//lUSB8U/Fan9
+4mYpVo521tG35mz71zaS5VfL3scnjaGU9QdoqdB4eLwNp0seZHDE5014hgUsbB5OMOflCxVI
+clBV9FN4SEosaJ5XIyVfCYe83j3+49BtI34wu32G2oiyB4eiH6+YJoGS6BA+o2f3lM0QOW92
++b8BPlSK2fE2cmTxPzjGslaoVibdRhWIfLPTPZVMJU8KcoiTPk9C5zmdbPM/+eUzUgVQ45j6
+NDJ0voCWz4GF7XP79DYekzw72kv93sIRiWku1wguKmNmaH+cSymXHY75EIGTEwPtEYPUVktv
+IMvCqd2YmMh+cUqVx5uAeV7iRmZHyAZ8uhhQgt5xVCpKuQINBGB0SvgBEACo+WXBBrNKr9Cz
+dYwOyEy1uRRhxgS5DrYbdbqp8FfSTTlgNFWGhOBwt5feKUd2SKvPEihYAKT5OSsFTs3U1uFf
+lE/zzsMbAUgt3cOGaRTEpPJ8dTjyPKkrY+8O0YnD6g3lH677zVRwfukXs8h77n1FYLWwvwQM
+TQImLprKokWEp2+Q9dJQuNddHHGATkMEQ6+TSVt+B8Yi73FZzG96sCkMUH8isjXm0OV5/lsA
+rSOjt61I2X6sz42wcEbpCqnWCp6HVe/+uqi1d2if9XhmNBy5FXuKP0cJXRoUPLoPXp/g1FYM
+N9qgNUpet1m5zNCg2RR1cf8SlmrroO6ox5rUoiVu7yopY+iX9bQbiV3kwLHUZiG8rliAGaeu
+SXXDe0vOJ/IWekmFBI8OVLI37hLitCHjKdiDPHhTMcjj4Bumm1H8kL2Ft8EkaTi99Jj59LbO
++vfLsTxigmjTv07AniS2FB3kDRY8ArR90pDMaA0ZF/At9z3jaoIZP1/R8N9SCieRcNCTuvF+
+n2CmADOdiZfVX40/Mg3Spce4oBAC/FwRr3cQskeP6950dHIAqNox507eALVyo+Ya3xsjecMS
+I0j+QntIuMh6b5SxwpuQVadGM45LGI//63eOkqREHgzxWwIJLs4V2Qn0flvV3QjbucjrMLkn
+dtUWg14Oy1LGN3bZvLsyqwARAQABiQI8BBgBCAAmAhsMFiEER2BObTDbig6L3gVdZ3OqzfCf
+ZigFAmTl/FcFCQXKTeYACgkQZ3OqzfCfZigzHhAAwHWjZKv/kTOudm0e2uEfehcOZOKsOiJv
+GOYRNUezcHZKqjfaLeicieQCZ/JWOiCmiI4Z7S1qZIC3fb6WRmOtsC5sCU9K7Ko7KRJHjwZK
+0xff6PWXCpR4CCtpyt6iYeDFu+ENEuhdbSBfwEW043gZCEvOhGn7RL499N7kfnXq04k060gv
+PgliM2roVmAtBT8DSak0Dt+FrdLnioPjqJb0F9GYOrnndCnkJyNFIXNIMcEm2HDWed6rxP8t
+pRMx/bsrFbM/ZbDOUqMJO4uJ/AXvprhUDrHxWWC5VW6gucIVCmMNtwvFd47DzkXglWgnjLqC
+oEXlQcmJ624jy6+f43iZH98BYIM3GyqtK5NaG1Eez6LTWOH4ZtMJr6/lcBtOZPUuJn8vtUhw
+sZaZ/56Ua2eVWm+db3yyQltApjDBQuC+nN0XuIyleeSVfDJZ6u6Hb0v9OklnhcNpNH0Fog2k
+zM8R/B034Ig8ymTIqITYv7Vh2eVHpwtwmUQypcBw5eMRdOOCcF2whICQAnQZLoZlqMnmwXa1
+LTbtKumieyISSxYoFMbGAkKrPF6ABeOGdQbFaZh/KSoginRqslvBxCcbDwnkYxaWYkzQacF9
+N4Wlm1aXQFgmhPTyAFRk6KJYXP5ojVPHQaii6J5UqjUN9f92rYu3MI9Efem3eGv0SG4N3fO1
+sYGJAjwEGAEIACYWIQRHYE5tMNuKDoveBV1nc6rN8J9mKAUCYHRK+AIbDAUJAeECqAAKCRBn
+c6rN8J9mKKd3D/9dIzmTr+snTXT4pU0aa8+p0Nj6AMkZjJHdLCWcL/56l+S4g4akdOUfWI4Z
+ufCNXKJ4GcLde8UWX7Zhr9xq/00a8sbsupmk4pLinJgwC6Tmg6KHWGb4ScRV3z+2TWuhhkeT
+WWIvnscxmXjuXWecRJ9nbwUcFZ7zl26P72eOmK1Omvmhm+dTqt4UyhKnBoIQ0BA45hNrOvWy
+9Pp702LO/BhI4Su1EFfjJ9jiqXuEsXab90Q+ig3PauRgJ95nWB8tGPKMGDnooZSTve5gtjGw
+6W2FJbL7HFKYZZCM95+ROYO6D9XJr78hZ2ocOhDuTwU1oGy1hUpCm29h2BfKUiqeYkHZ9w/s
+tyk5TyD1Ca5RsIbEFqUtiVJdhMcQuaT0WQYcVzXUKyiiOlOxbjVhWZ0WtkOsuCQWkHUAbRUs
+1NGsBldo31jQxTE/M+AIxEB0X0z0Pz/WxK4RQeMlK1qm3MraaZ9hh8gNyvfojvgEE7P/Mqv4
+PMNoqregEBqhVMzilk6eVAcY3axs/HLu7iqgJar+NqlEfklar1pm0ls9XJcn/vfv7XRAHWnm
+tpKeHLVpEEpZjDf5hAgU0BjxecC9pSOu5S12OYa4NQ6P49Kb2IIZRvxooSzH7MF4gIfi7/8C
+ItKxho+oBdJyG5cUpedCHB/YwNJFTpLfSlXItLxW2AxOqtfzDg==
+=wS9M
+-----END PGP PUBLIC KEY BLOCK-----