This repository serves as a way to collaborate on the work products, and our goal is to avoid prosecuting those whose only crime is that of curiosity.

Anyone is welcome to contribute in a positive, transparent way. Err on the side of submitting a PR for changes you would like to see happen, and if you wish to debate an issue, file an issue. This is a wonderful repository to add issues and questions to if you're a bit newer to information security policy and would like to start learning to participate.

This repository will eventually contain multiple translations of the definition of a good faith cybersecurity researcher and best practices for vulnerability owners, so avoid idiom, long or complex words, and difficult to follow grammatical constructions in your sentences.

If you have questions, you can email Tarah at t@tarah.org. I will tell you right now that my answer will be: 'tell me your opinions in the form of a PR that be transparently reviewed' :D

This will never be perfect, but our job as a community here is rough consensus and running policy.

Links,

• Good Faith Cybersecurity Researcher definition - ENGLISH
• Contributors
• The Good Faith Cybersecurity Researchers Coalition