From b388a8771547ea9a6cb58d254adf867ebefa27c4 Mon Sep 17 00:00:00 2001
From: Matt Farina <matt@mattfarina.com>
Date: Tue, 5 Jun 2018 10:41:26 -0400
Subject: [PATCH] Adding security contacts to charter

---
 sig-apps/Charter.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/sig-apps/Charter.md b/sig-apps/Charter.md
index 059d2f60eeb..f61b143d81d 100644
--- a/sig-apps/Charter.md
+++ b/sig-apps/Charter.md
@@ -63,6 +63,14 @@ Membership for roles tracked in: [sigs.yaml]
   - *MAY* participate in decision making for the subprojects they hold roles in
   - Includes all reviewers and approvers in [OWNERS] files for subprojects
 
+- Security Contact
+  - *MUST* be a contact point for the Product Security Team to reach out to for
+    triaging and handling of incoming issues
+  - *MUST* accept the [Embargo Policy](https://github.com/kubernetes/sig-release/blob/master/security-release-process-documentation/security-release-process.md#embargo-policy)
+  - Defined in `SECURITY_CONTACTS` files, this is only relevant to the root file in
+    the repository, there is a template
+    [here](https://github.com/kubernetes/kubernetes-template-project/blob/master/SECURITY_CONTACTS)
+
 ## Organizational management
 
 - SIG meets weekly on zoom with agenda in meeting notes