Contact Point Vulnerabilities

Dit is een afdruk van een pagina op Rechtspraak.nl. Kijk voor de meest actuele informatie op Rechtspraak.nl (http://www.rechtspraak.nl). Deze pagina is geprint op 01-01-1970.

Skip Navigation LinksHome > English > Contact Point Vulnerabilities

Obviously, The Dutch judiciary's (de Rechtspraaks) ICT systems need to be secure. That is why we pay a lot of attention to ICT security. Nevertheless, you may happen to discover a weak spot in one of our systems. We would be very grateful if you reported this weak spot to us, so that we can work together to investigate and solve the problem. It is essential, though, that you do this in a responsible manner. Not only for our sake, but for yours as well. You can be assured that your report will not have any legal consequences for you if you follow the guidelines below.

 Note:

>Alles uitklappen
    • Email your findings to cert@rechtspraak.nl. Please encrypt your email with the Dutch judiciary's (de Rechtspraaks) PGP key, to keep the information from falling into the wrong hands.
    • Submit your report as soon as possible after you have discovered the vulnerability.
    • Provide enough information to reproduce the problem, so that we can fix it as fast as possible. Usually, the IP address or URL of the affected system and a description of the vulnerability are sufficient, but, in more complex cases, additional information may be required.
    • Leave your contact information, so that we can work together to achieve a secure result. We need at least an email address or phone number from you.
    • ​Share information about the security problem with other parties.
    • Install malware.
    • Copy, change, or delete data in a system, or create a directory listing of a system.
    • Make changes to the system.
    • Enter the system repeatedly, or share access with others.
    • Access the system through a ‘brute force attack’.
    • Attempt a denial-of-service attack or use social engineering techniques.
    • We will treat your report confidentially and will not share your personal data with third parties without your permission, unless the law or a court order requires us to do so.
    • You will receive an acknowledgement of receipt within one business day.
    • You will receive a substantive response to your report within five business days.
    • If possible, we will work together with you to solve the problem. In any event, we will keep you informed about the progress.

    If your report has actually helped to improve the security of our ICT systems, you will receive a small gift as a token of our appreciation.