How to Report or Inquire About Security Issues

AA-01020

If you suspect you have found a security defect in BIND or DHCP, or if you wish to inquire about a security issue that you have learned about which has not yet been publicly announced, ISC encourages you to get in touch with our Security Officer by selecting the appropriate pull-down on the Bug Report Form on our website at: https://www.isc.org/community/report-bug/.


Alternatively, you can email us at security-officer@isc.org.  However, plain-text e-mail is not a secure choice for communications concerning undisclosed security issues so we ask that you please encrypt your communications to us using the ISC Security Officer public key which can be found on our: https://www.isc.org/downloads/software-support-policy/openpgp-key/.

Learn more about our Security Vulnerability Disclosure Policy here: ISC Software Defect and Security Vulnerability Disclosure Policy