How to Report or Inquire About Security Issues
If you suspect you have found a security defect in BIND, DHCP, or Kea, or if you wish to inquire about a security issue that you have learned about which has not yet been publicly announced, ISC encourages you to get in touch with our Security Officer by following the process described at https://www.isc.org/reportbug/.
Alternatively, you can email us at email@example.com. However, plain-text e-mail is not a secure choice for communications concerning undisclosed security issues so we ask that you please encrypt your communications to us using the ISC Security Officer public key which can be found on our website at: https://www.isc.org/pgpkey/.
Learn more about our Security Vulnerability Disclosure Policy here: ISC Software Defect and Security Vulnerability Disclosure Policy.