Add a security.txt file to torproject.org
security.txt files give people the information they need to contact Tor when they find a security issue.
It's an IETF draft, and Google has done it, so maybe we should too: https://securitytxt.org/
We can use the existing information at: https://www.torproject.org/about/contact#security
And we might want to:
- add a PGP key file
- add a signature
- maybe add a policy or acknowledgements when we decide how they work