<!-- BEGIN IanaIO SECURITY.MD V0.0.1 BLOCK -->

## Security

	IanaIO takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [IanaIO - www.iana.io](https://github.com/ianaio), [Proud America - proudamerica.us](https://github.com/proudamerica-us), [Crypto Search](https://github.com/crypto-search-engine), and [our GitHub organizations](https://opensource.iana.io/).

If you believe you have found a security vulnerability in any IanaIO-owned repository that meets [IanaIO's definition of a security vulnerability](https://security.iana.io/definition-of-a-security-vulnerability), please report it to us as described below.

## Reporting Security Issues

**Please do not report security vulnerabilities through public GitHub issues.**

Instead, please report them to the IanaIO Security Response Center (IARC) at [https://security.iana.io/create-report](https://security.iana.io/create-report).

If you prefer to submit without logging in, send email to [security@iana.io](mailto:security@iana.io).  If possible, encrypt your message with our PGP key; please download it from the [IanaIO Security Response Center PGP Key page](https://security.iana.io/response-center/pgp-key), or you can search for (ianaio) string in the [MIT PGP Sever](https://pgp.mit.edu/).

You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [security.iana.io/response-center](https://www.iana.io/en-us/msrc?rtc=2). 

Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:

  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
  * Full paths of source file(s) related to the manifestation of the issue
  * The location of the affected source code (tag/branch/commit or direct URL)
  * Any special configuration required to reproduce the issue
  * Step-by-step instructions to reproduce the issue
  * Proof-of-concept or exploit code (if possible)
  * Impact of the issue, including how an attacker might exploit the issue

This information will help us triage your report more quickly.

If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [IanaIO Bug Bounty Program](https://security.iana.io/response-center/bounty) page for more details about our active programs.

## Preferred Languages

We prefer all communications to be in English.

## IanaIO Security and OutSourcing

IanaIO help you find a job in Security in the USA and Europe. More info on page [IanaIO Security Job and Outsourcing](https://jobs.iana.io/security-outsourcing)


## Policy

IanaIO follows the principle of [Coordinated Vulnerability Disclosure](https://security.iana.io/cvd).

<!-- END IanaIO SECURITY.MD BLOCK -->