From e25cae264c6823acedd3dc92ac7abc27d14fe4b5 Mon Sep 17 00:00:00 2001 From: "Allen D. Householder" Date: Wed, 24 Apr 2024 17:21:29 -0400 Subject: [PATCH] minor clean up --- docs/reference/policy_templates/Receivers.md | 1 - docs/reference/policy_templates/Reporters.md | 1 - docs/reference/policy_templates/_adjust_to_suit.md | 14 -------------- docs/reference/policy_templates/_usage.md | 11 +++++++++++ docs/reference/policy_templates/index.md | 11 ----------- 5 files changed, 11 insertions(+), 27 deletions(-) delete mode 100644 docs/reference/policy_templates/_adjust_to_suit.md diff --git a/docs/reference/policy_templates/Receivers.md b/docs/reference/policy_templates/Receivers.md index 268fe7b..40d21a2 100644 --- a/docs/reference/policy_templates/Receivers.md +++ b/docs/reference/policy_templates/Receivers.md @@ -10,7 +10,6 @@ or other organizations that receive vulnerability reports. ## Tips and Usage Notes -{% include-markdown "./_adjust_to_suit.md" %} {% include-markdown "./_usage.md" %} {% include-markdown "./_terminology.md" %} {% include-markdown "./_consistency_warning.md" %} diff --git a/docs/reference/policy_templates/Reporters.md b/docs/reference/policy_templates/Reporters.md index 3a84893..268c7c6 100644 --- a/docs/reference/policy_templates/Reporters.md +++ b/docs/reference/policy_templates/Reporters.md @@ -5,7 +5,6 @@ vulnerability disclosure program. ## Tips and Usage Notes -{% include-markdown "./_adjust_to_suit.md" %} {% include-markdown "./_usage.md" %} {% include-markdown "./_terminology.md" %} {% include-markdown "./_consistency_warning.md" %} diff --git a/docs/reference/policy_templates/_adjust_to_suit.md b/docs/reference/policy_templates/_adjust_to_suit.md deleted file mode 100644 index b5c20a2..0000000 --- a/docs/reference/policy_templates/_adjust_to_suit.md +++ /dev/null @@ -1,14 +0,0 @@ -!!! tip "Adjust to Your Needs" - - Organizations will likely find that some expectations do not apply to their - situation based on the kind of stakeholder they are. In particular we anticipate - that product vendors, service providers, and coordinators will have related but - distinct needs. Inclusion or exclusion of items from these templates into your - organization's policy should be based on which combination of stakeholder roles - you expect to play. - - Organizations using these templates might - - - change some of the SHOULDs to MUSTs or MAYs to SHOULD NOTs etc. - - add or remove items as needed - - change the wording to fit their organization's style or needs diff --git a/docs/reference/policy_templates/_usage.md b/docs/reference/policy_templates/_usage.md index fbc3919..591f208 100644 --- a/docs/reference/policy_templates/_usage.md +++ b/docs/reference/policy_templates/_usage.md @@ -1,5 +1,16 @@ !!! tip "How To Use These Templates" + Organizations will likely find that some expectations do not apply to their + situation based on the kind of stakeholder they are. In particular we anticipate + that + [product vendors](../../topics/roles/vendor.md), + [service providers](../../topics/roles/deployer.md), + and + [coordinators](../../topics/roles/coordinator.md) will have related but + distinct needs. Inclusion or exclusion of items from these templates into your + organization's policy should be based on which combination of stakeholder roles + you expect to play. + Here's a checklist of tasks you should complete in order to make use of these templates. diff --git a/docs/reference/policy_templates/index.md b/docs/reference/policy_templates/index.md index 06deeb7..883b57a 100644 --- a/docs/reference/policy_templates/index.md +++ b/docs/reference/policy_templates/index.md @@ -22,7 +22,6 @@ spawn a disclosure policy for an organization. choose to adopt all of these items wholesale without some modification. - - :material-feather: [Style Guide](./style_guide.md) --- @@ -40,14 +39,4 @@ spawn a disclosure policy for an organization. - -{% include-markdown "./_adjust_to_suit.md" %} {% include-markdown "./_usage.md" %} - -!!! note "Use of RFC 2119 Language" - - We've taken the approach of using [RFC 2119](https://datatracker.ietf.org/doc/html/rfc2119)-style - "MUST, SHALL, SHOULD..." language in active-voice sentences to describe what researchers/reporters and - vendors/coordinators/recipients should expect of each other. - -