X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=doc%2Ffeedback.but;h=e0854fc54311d930c41b2fb15c54a1d76009d16c;hb=359b5c8eb45ff56c62032cf147fcdb3723d54324;hp=04bbab9807e99bea8e5a6f9781211f9b524b178f;hpb=c47a0a1f4e03500bc13d0a74d7aa17526bcd21a1;p=PuTTY.git

diff --git a/doc/feedback.but b/doc/feedback.but
index 04bbab98..e0854fc5 100644
--- a/doc/feedback.but
+++ b/doc/feedback.but
@@ -1,5 +1,3 @@
-\define{versionidfeedback} \versionid $Id$
-
 \A{feedback} \ii{Feedback} and \i{bug reporting}
 
 This is a guide to providing feedback to the PuTTY development team.
@@ -52,6 +50,9 @@ the URL; that way, we don't have to download it unless we decide we
 actually need it, and only one of us needs to download it instead of
 it being automatically copied to all the developers.
 
+(If the file contains confidential information, then you could encrypt
+it with our Secure Contact Key; see \k{pgpkeys-pubkey} for details.)
+
 Some people like to send mail in MS Word format. Please \e{don't}
 send us bug reports, or any other mail, as a Word document. Word
 documents are roughly fifty times larger than writing the same
@@ -203,6 +204,20 @@ will explain what you need to know. \e{Then}, if you think the
 documentation could usefully have told you that, send us a bug
 report and explain how you think we should change it.
 
+\H{feedback-vulns} Reporting security vulnerabilities
+
+If you've found a security vulnerability in PuTTY, you might well want
+to notify us using an encrypted communications channel, to avoid
+disclosing information about the vulnerability before a fixed release
+is available.
+
+For this purpose, we provide a GPG key suitable for encryption: the
+Secure Contact Key. See \k{pgpkeys-pubkey} for details of this.
+
+(Of course, vulnerabilities are also bugs, so please do include as
+much information as possible about them, the same way you would with
+any other bug report.)
+
 \H{feedback-features} Requesting extra features 
 
 If you want to request a new feature in PuTTY, the very first things