To report a security issue, please disclose it at [security advisory](https://github.com/certifi/python-certifi/security/advisories/new).

We will respond within 7 working days of your submission. If the issue is confirmed as a vulnerability, we will open a Security Advisory and acknowledge your contributions as part of it. This project follows a 90 day disclosure timeline.