@@ -8,7 +8,7 @@ Each team lead identifies a security point person from their team to be the resp
...
@@ -8,7 +8,7 @@ Each team lead identifies a security point person from their team to be the resp
# OpenPGP role key
# OpenPGP role key
A Tor Security "role" OpenPGP key is generated for the uid tor-security@torproject.org and its fingerprint is published on the [Tor Project's help pages](https://support.torproject.org/misc/bug-or-feedback) detailing how to report a security issues. It is up to the reporter to encrypt the mail to the alias with this key, encryption is encouraged, but not required.
A [Tor Security "role" OpenPGP key](process/engineering/SecurityRoleKey) is generated for the uid tor-security@torproject.org and its fingerprint is published on the [Tor Project's help pages](https://support.torproject.org/misc/bug-or-feedback) detailing how to report a security issues. It is up to the reporter to encrypt the mail to the alias with this key, encryption is encouraged, but not required.
The OpenPGP secret key material for the tor-security@torproject.org UID is distributed to the security point people, so they can decrypt any encrypted mail.
The OpenPGP secret key material for the tor-security@torproject.org UID is distributed to the security point people, so they can decrypt any encrypted mail.
