Field Name,Description,Multiple Appearances,Status,Change Controller,Reference
Acknowledgments,link to page where security researchers are recognized,yes,current,IETF,[RFC9116]
Canonical,canonical URI for this file,yes,current,IETF,[RFC9116]
Contact,contact information to use for reporting vulnerabilities,yes,current,IETF,[RFC9116]
CSAF,Link to a provider-metadata.json resource of the Common Security Advisory Framework (CSAF),yes,current,[OASIS_Open],"[Common Security Advisory Framework Version 2.0, OASIS Standard]"
Expires,date and time after which this file is considered stale,no,current,IETF,[RFC9116]
Encryption,link to a key to be used for encrypted communication,yes,current,IETF,[RFC9116]
Hiring,link to the vendor's security-related job positions,yes,current,IETF,[RFC9116]
Policy,link to security policy page,yes,current,IETF,[RFC9116]
Preferred-Languages,list of preferred languages for security reports,no,current,IETF,[RFC9116]