Add security policy document

Author: Relequestual

.github/SECURITY.md

@@ -0,0 +1,11 @@
+# Reporting Security Issues
+
+The JSON Schema project does not house any implementation of JSON Schema itself. If you have found a security issue in any implementation of JSON Schema, please contact the appropriate maintainers, per the projects security reporting guidelines, if any.
+
+To report a security issue, please use the GitHub Security Advisory "https://github.com/json-schema-org/json-schema-spec/security/advisories/new" tab.
+
+If you find a security issue in relation to the JSON Schema specification or another repository within this GitHub organization, please use the above.
+
+The JSON Schema project TSC will review and respond to all security reports. Please follow [coordinated disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/about-coordinated-disclosure-of-security-vulnerabilities).
+
+If you are a maintainer of an implementation, please consider [adding a security policy](https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository). If you need assistance in understanding a report, or remediation of a confirmed issue, please feel free to reach out to us on our Slack server, in the `#implementations` channel, and ask for a temporary private channel to discuss your situation or concerns.