From 9730d8ee0b040fda73e3c5e2e95a828635ebac8c Mon Sep 17 00:00:00 2001
From: Doug Davis <dug@microsoft.com>
Date: Mon, 16 Oct 2023 13:09:05 +0000
Subject: [PATCH] Add our security mailing list to the README

Signed-off-by: Doug Davis <dug@microsoft.com>
---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index f5f86229d..d36cc6cfe 100644
--- a/README.md
+++ b/README.md
@@ -120,8 +120,9 @@ native ecosystem by making our systems interoperable with CloudEvents.
 
 ### Security Concerns
 
-If there is a security concern with one of the specifications in this
-repository please [open an issue](https://github.com/cloudevents/spec/issues).
+If there is a security concern with one of the CloudEvents specifications, or
+with one of the project's SDKs, please send an email to
+[cncf-cloudevents-security@lists.cncf.io](mailto:cncf-cloudevents-security@lists.cncf.io).
 
 A security assessment was performed by
 [Trail of Bits](https://www.trailofbits.com/) in October 2022. The report