Update documentation around the security release process

[justaugustus]

Carrying over discussion from #732 (comment)...

To better filter the audiences for security release communications, we (@kubernetes/release-engineering + @kubernetes/product-security-committee) are proposing the use of an additional kubernetes.io group (security-release-team@).

Membership to security-release-team will be restricted to:

• security@ (PSC)
• release-managers-private@ (SIG Release Chairs, Patch Release Team, Branch Managers)

If/when kubernetes/k8s.io#492 merges, we will need to issue updates to, at a minimum:

• Security Release Process - Update security-release-process.md with ref to security-release-team@ email committee-security-response#63
• (psc/releng: Update references to the security release process #900) Release Managers
• (psc/releng: Update references to the security release process #900) Release Manager onboarding template

ref: https://groups.google.com/a/kubernetes.io/d/topic/security/E_yV--bf-8c/discussion

/assign
/area release-eng
/milestone v1.18
/priority important-soon
/kind documentation cleanup

[justaugustus]

kubernetes/k8s.io#492 has merged and the mailing list updates have been applied.
I'll proceed with the doc updates after I cut 1.17.0.

[fejta-bot]

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

[joelsmith]

/remove-lifecycle stale