# Security Policy

Thanks for taking the time to engage with the project! We believe in the concept
of
[coordinated disclosure](https://en.wikipedia.org/wiki/Coordinated_vulnerability_disclosure)
and currently expect a 60 day grace period for resolution of any outstanding
issues.

## Supported Versions

All versions will be considered for security fix backports where possible.

## Reporting a Vulnerability

Please log a security-template issue on Github and directly contact one of the
core team members via email:

- [William](mailto:william@blackhats.net.au)
- [James](mailto:james+kanidm@terminaloutcomes.com)

We will endeavour to respond to your request as soon as possible, no bounties
are available, but acknowledgement will be made if you like.