The main purpose of security.txt is to help make things easier for companies and security researchers when trying to secure platforms. Thanks to security.txt, security researchers can easily get in touch with companies about security issues.

It’s currently an Internet draft that has been submitted for RFC review, which means they’re taking contributions from the public. Seems like a good idea to me.