Nice idea, but...
Nice idea, but it's not going to work. Most of the sites I run across with problems have already been hacked. If the hacker can add files, he/she can usually remove files as well. If this became a standard, the security.txt file would be the first thing they delete.
What you're trying to accomplish can already be done with WHOIS (providing the people maintaining and enforcing WHOIS databases do their job). Unfortunately, ICANN and others think it's more important that people can hide (a.k.a. "Domain Privacy") than the original intent of the WHOIS data, which was to provide reliable contact information to owners of a domain or IP address!!