[keycloak-dev] Keycloak Website Updates - Security section

Bruno Oliveira bruno at abstractj.org
Wed Oct 4 08:03:31 EDT 2017


Good morning,

Today, we sometimes have people disclosing vulnerabilities at
the public mailing list. And later, they will find out that
there's a process to report it.

Now that we have the keycloak-security ML, I would like to suggest to make
such process evident into our website.

It's a common practice to have a "/security" path into your website. We
could do the same just creating an HTML and extracting the content from:
https://github.com/keycloak/keycloak.github.io/blob/master/community.html#L102-L113.
And of course, adding more details about how to do it.

Also, I would like to add it to the main page. That could be
done by replacing "Source" into the main menu with "Security".
"Source" is already referenced inside "Community" page,
people will figure out where to get the sources.

Does anything make sense?

--

abstractj


More information about the keycloak-dev mailing list