Create a small document that explains who to contact for security stuff
We need to collect a small set of email addresses, gpg keys, and other information about notification of security important related updates.
For Debian - we contact Peter For Ubuntu - we contact Jacob For OpenWRT - we contact Jacob For Android - we contact Nathan and Helix For Windows - we contact Helix For Redhat - we contact ??? For Gentoo - we contact ???
For other distros - do we want to to contact vendor-sec and call it a day?