Adding security contacts to charter

kubernetes · Jun 5, 2018 · b388a87 · b388a87
1 parent b243a35
commit b388a87
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/sig-apps/Charter.md b/sig-apps/Charter.md
@@ -63,6 +63,14 @@ Membership for roles tracked in: [sigs.yaml]
   - *MAY* participate in decision making for the subprojects they hold roles in
   - Includes all reviewers and approvers in [OWNERS] files for subprojects
 
+- Security Contact
+  - *MUST* be a contact point for the Product Security Team to reach out to for
+    triaging and handling of incoming issues
+  - *MUST* accept the [Embargo Policy](https://github.com/kubernetes/sig-release/blob/master/security-release-process-documentation/security-release-process.md#embargo-policy)
+  - Defined in `SECURITY_CONTACTS` files, this is only relevant to the root file in
+    the repository, there is a template
+    [here](https://github.com/kubernetes/kubernetes-template-project/blob/master/SECURITY_CONTACTS)
+
 ## Organizational management
 
 - SIG meets weekly on zoom with agenda in meeting notes