Overviewdocuments the expectations for users of VINCE and coordinated vulnerability disclosure processes led by the CERT/CC.
|Table of Contents|
Harassment: We define harassment as unwelcome or hostile behavior, including but not limited to speech that intimidates, creates discomfort, or interferes with a person's participation or opportunity for participation; verbal threats or demands; degrading language; intimidation; harassing photography, screen shots, or audio or video recording; inappropriate physical contact; sexual imagery; unwelcome sexual attention; stalking; unsolicited physical contact; and sustained disruption of the coordination process, including case handling workflows, presentations, and other events. Similarly, encouraging others to engage in such behavior is not permitted, nor are false accusations of harassment.
VINCE platform: The software service that the CERT/CC provides to enable its coordinated vulnerability disclosure practice.
VINCE user: Any user of the VINCE platform, including CERT/CC analysts, researchers, vendors, and other participants.
CERT/CC analyst: Individuals authorized to represent the CERT/CC within the VINCE platform.
References and other resources
Portions of this document are adapted from
The Contributor Covenant, version 2.0, available at https://www.contributor-covenant.org/version/2/0/code_of_conduct/
We also recommend VINCE users be familiar with and use bias-free languagedraft https://tools.ietf.org/html/draft-knodel-terminology-03Statement on Racism and Black, African-American African Diaspora Inclusion, https://www.usenixorg/blog/usenix-statement-racism-and-black-african-american-and-african-diaspora-inclusion