security: add private distributor list, and its application template

Signed-off-by: Gyuho Lee <leegyuho@amazon.com>

security/README.md

@@ -35,3 +35,13 @@ A public disclosure date is negotiated by the etcd Product Security Committee an
 ## Security Audit
 
 A third party security audit was performed by Trail of Bits, find the full report [here](SECURITY_AUDIT.pdf).
+
+## Private Distributor List
+
+This list provides actionable information regarding etcd security to multiple distributors. Members of the list may not use the information for anything other than fixing the issue for respective distribution's users. If you continue to leak information and break the policy outlined here, you will be removed from the list.
+
+### Request to Join
+
+New membership requests are sent to security@etcd.io.
+
+File an issue [here](https://github.com/etcd-io/etcd/issues/new?template=distributors-application.md), filling in the criteria template.

security/security-release-process.md

@@ -11,7 +11,11 @@ The PSC is responsible for organizing the entire response including internal com
 The initial PSC will consist of volunteers who have been involved in the initial discussion:
 
 - Brandon Philips (**[@philips](https://github.com/philips)**) [4096R/154343260542DF34]
+- Gyuho Lee (**[@gyuho](https://github.com/gyuho)**)
+- Joe Betz (**[@jpbetz](https://github.com/jpbetz)**)
 - Sahdev Zala (**[@spzala](https://github.com/spzala)**)
+- Sam Batschelet (**[@hexfusion](https://github.com/hexfusion)**)
+- Xiang Li (**[@xiang90](https://github.com/xiang90)**)
 
 The PSC members will share various tasks as listed below: