[ https://issues.apache.org/jira/browse/NIFI-9619?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17480274#comment-17480274 ]
ASF subversion and git services commented on NIFI-9619: ------------------------------------------------------- Commit 3d05844b713142851584d4990da2828c81cc1cfa in nifi's branch refs/heads/main from David Handermann [ https://gitbox.apache.org/repos/asf?p=nifi.git;h=3d05844 ] NIFI-9619 Removed GPG key from Security Mailing List reporting This closes #5702 Signed-off-by: David Handermann <exceptionfact...@apache.org> > Remove GPG key from Security Disclosure details > ----------------------------------------------- > > Key: NIFI-9619 > URL: https://issues.apache.org/jira/browse/NIFI-9619 > Project: Apache NiFi > Issue Type: Improvement > Components: Documentation & Website > Reporter: David Handermann > Assignee: David Handermann > Priority: Trivial > Time Spent: 50m > Remaining Estimate: 0h > > The Security Vulnerability Disclosure instructions reference a GPG key > fingerprint for secur...@nifi.apache.org as an option for reporting sensitive > information. The public key associated with the fingerprint expired on > 2021-03-23. The difficulty of sharing a GPG private key with all members of > the PMC outweighs the potential benefit of supporting this method of > vulnerability reporting. For these reasons, the GPG key fingerprint should be > removed from the Security Vulnerability Disclosure instructions. -- This message was sent by Atlassian Jira (v8.20.1#820001)