-PowerDNS Security Policy
-========================
+PowerDNS and dnsdist Security Policy
+====================================
-If you have a security problem to report, please email us at both security@powerdns.com and ahu@ds9a.nl.
-In case you want to encrypt your report using PGP, please use:
-https://www.powerdns.com/powerdns-keyblock.asc
+If you have a security problem to report, please email us at both peter.van.dijk@powerdns.com and remi.gacogne@powerdns.com.
+In case you want to encrypt your report using PGP, please use: https://doc.powerdns.com/powerdns-keyblock.asc
Please do not mail security issues to public lists, nor file a ticket, unless we do not get back to you in a timely manner.
We fully credit reporters of security issues, and respond quickly, but please allow us a reasonable timeframe to coordinate a response.
-We remind PowerDNS users that under the terms of the GNU General Public License, PowerDNS comes with ABSOLUTELY NO WARRANTY.
+We remind PowerDNS and dnsdist users that under the terms of the GNU General Public License, PowerDNS and dnsdist come with ABSOLUTELY NO WARRANTY.
This license is included in this documentation.
-HackerOne
----------
-Security issues can also be reported on [our HackerOne page](https://hackerone.com/powerdns) and might fetch a bounty.
-Do note that only the PowerDNS software is in scope for the HackerOne program, not our websites or other infrastructure.
+Yes We Hack
+-----------
+Security issues can also be reported on [our YesWeHack page](https://yeswehack.com/programs/powerdns) and might fetch a bounty.
+Do note that only the PowerDNS software (PowerDNS Authoritative Server, the PowerDNS Recursor and dnsdist) is in scope for the YesWeHack program, not our websites or other infrastructure.
Disclosure Policy
-----------------