Hello guys, In regards to the discussion opened here http://openejb.979440.n4.nabble.com/Security-reporting-requirements-td4667859.html
I'm creating a page on our website to describe the security process. I mainly took inspiration from other apache projects (tomcat to name but a few). I will commit it without any link and push again here so that anyone is free to say yes or no and to comment, add additional information. -- Jean-Louis
