Security Team Mailing Aliases
=============================

All security vulnerabilities may be reported to
security@lists.trustedfirmware.org. They will be forwarded to the appropriate
project security teams(s). Alternatively, there are project specific aliases
that may be used directly:

* **OP-TEE** : op-tee-security@lists.trustedfirmware.org
* **Trusted-Firmware-A** : tf-a-security@lists.trustedfirmware.org
* **Trusted-Firmware-M** : tf-m-security@lists.trustedfirmware.org
* **MCUboot** : mcuboot-security@lists.trustedfirmware.org
* **Mbed TLS** : mbed-tls-security@lists.trustedfirmware.org

If you choose to encrypt your report, the same
:download:`PGP key <pub_security_at_trustedfirmware_subkeys_3.asc>` may be used
for any of these aliases.