Cryptography and SSL/TLS Toolkit

Sensitive Information Table

Examples of the types of information considered sensitive include (but are not limited to): * Personal bank account details; * Credit card details; * Other financial identifiers; * Legal contracts including customer contracts, contractor contracts etc; * Minutes of OMC committee meetings; * Committee private votes; * System passwords; * Security Vulnerabilities, Security Reports; * Fipslab organisation repositories in GHE * Personal email address, name, address and other combinations of personally identifiable information; * Documents that have been specifically marked with the “Confidential” string; * Commercial financial information eg sales data, customer lists etc; * Proprietary information of OpenSSL; * Any data that could harm the legitimate financial and reputational interests of OpenSSL if unauthorised access occurred.

Special Exclusions The OMC have authorised the following Special Exclusions in line with The Policy: * Name & Email where provided by a Committer as part of the committing process.