From 003137681d6556b8682d6dc61356595a3330a37c Mon Sep 17 00:00:00 2001
From: Greg Marsden <greg.marsden@oracle.com>
Date: Mon, 30 Oct 2023 14:01:43 -0700
Subject: [PATCH 1/2] Create security.md

Add instructions for reporting security vulnerabilities
---
 security.md | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 security.md

diff --git a/security.md b/security.md
new file mode 100644
index 0000000..29548cf
--- /dev/null
+++ b/security.md
@@ -0,0 +1,7 @@
+# Reporting OpenELA Security Vulnerabilities
+
+## Reporting Security Issues
+Please report security issues to the Technical Steering Committee.
+https://github.com/openela/governance/tree/main/TSC#contacting-the-openela-tsc
+
+We encourage the use of GPG encrypted email.

From 035ccf370a35b5c9bd8481a05b38924dc884f532 Mon Sep 17 00:00:00 2001
From: Greg Marsden <greg.marsden@oracle.com>
Date: Mon, 30 Oct 2023 14:10:40 -0700
Subject: [PATCH 2/2] Add encryption key note for TSC contact info

---
 TSC/README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/TSC/README.md b/TSC/README.md
index e7ce080..5521de6 100644
--- a/TSC/README.md
+++ b/TSC/README.md
@@ -67,4 +67,6 @@ requested and approved by the OpenELA TSC on a per-individual basis.
 
 ## Contacting the OpenELA TSC
 
-The TSC can be contacted via the email address: [tsc@openela.org](mailto:tsc@openela.org)
+The TSC can be contacted via the email address: [tsc@openela.org](mailto:tsc@openela.org) 
+GPG public key available upon request.
+