Github has started supporting SECURITY.md to contain a project's security policy. Adding this information to the repository makes it easier to determine how to disclosure a vulnerability as SECURITY.md becomes a standard.
The pgp fingerprint and key is taken from bounty.ethereum.org.
