Talk:Security.txt

Needs a Criticism Section
There should be a section outlining criticism of this standard, notably:


 * the requirement to add Expires field is considered an unnecessary burden, since it requires site maintainers to regularly update an expiration date for contact information that is unlikely to change;
 * the presence of this file is seen as an invite to would-be hackers to look for security issues in a website and demand payment for finding them;

(citations needed)