Hacker News
by thaeli 1401 days ago
If H1 was willing to take and triage reports without requiring acceptance of their terms and NDA, that would be fine.

We also need to be very clear that the moment a company, or its authorized representative, flags something as a wontfix or "not a security issue", full and immediate disclosure is fair game.

1 comment

I think that clarity already exists.