From cb2a030c86e01f8ead0eb22086b1ae5dd9fc5207 Mon Sep 17 00:00:00 2001
From: Leon Klingele <git@leonklingele.de>
Date: Fri, 19 Jan 2018 20:03:43 +0100
Subject: [PATCH] VRP: Suggest to use PGP encrypted email over plain text email

---
 VULNERABILITY_RESPONSE_PROCESS.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/VULNERABILITY_RESPONSE_PROCESS.md b/VULNERABILITY_RESPONSE_PROCESS.md
index 47a3c4f..3b14a67 100644
--- a/VULNERABILITY_RESPONSE_PROCESS.md
+++ b/VULNERABILITY_RESPONSE_PROCESS.md
@@ -52,7 +52,7 @@ PGP key fingerprint = 1218 6272 CD48 E253 9E2D  D29B 66A7 6ECF 9144 09F1
 ## III. Incident response
 
 1. Researcher submits report via one or both of two methods:
-    - a. Email
+    - a. PGP encrypted Email (use the appropriate fingerprints [listed in section I](#i-points-of-contact-for-security-issues) or as included in the Monero repo in `utils/gpg_keys/`)
     - b. [HackerOne](https://hackerone.com/monero)
 
 2. Response Team designates a Response Manager who is in charge of the particular report based on availability and/or knowledge-set