chg: [threat-actor-naming] feedback merged + need to add reference to MISP galaxy format

threat-actor-naming/threat-actor-naming.html

@@ -499,8 +499,8 @@
 <li>No clearly defined text format to describe the same threat actor (e.g. Is the threat actor name case sensitive? Is there a dash or a space between the two words?)</li>
 <li>Confusion between techniques/tools used by a threat actor versus its name (e.g. naming a threat actor after a specific malware used)</li>
 <li>Lack of source and list from vendors to describe their threat actor names and the reasoning behind the naming (e.g. did they name the threat actor after a specific set of campaigns? or specific set of targets?)</li>
-<li>Lack of time-based information about the threat actor name, such as date of naming</li>
-<li>Lack of open "registry" of reference, accessible to all, where to register a new threat actor name, or to access all already named threat actors. The "registry" can contain the time-based information mentionned above.</li>
+<li>Lack of time-based information about the threat actor name, such as date of naming or and UUID.</li>
+<li>Lack of open mirrored "registry" of reference, accessible to all, where to register a new threat actor name, or to access all already named threat actors. The "registry" can contain the time-based information mentionned above, it is a tool.</li>
 </ul>
 
 <p> </p>

threat-actor-naming/threat-actor-naming.txt

@@ -104,7 +104,7 @@ Table of Contents
       specific set of targets?)
 
    o  Lack of time-based information about the threat actor name, such
-      as date of naming
+      as date of naming or and UUID.
 
 
 
@@ -114,10 +114,10 @@ Dulaunoy & Bourmeau     Expires December 11, 2020               [Page 2]
 Internet-Draft   Recommendations on naming threat actors       June 2020
 
 
-   o  Lack of open "registry" of reference, accessible to all, where to
-      register a new threat actor name, or to access all already named
-      threat actors.  The "registry" can contain the time-based
-      information mentionned above.
+   o  Lack of open mirrored "registry" of reference, accessible to all,
+      where to register a new threat actor name, or to access all
+      already named threat actors.  The "registry" can contain the time-
+      based information mentionned above, it is a tool.
 
    This document proposes a set of guidelines to name threat actors.
    The goal is to reduce the above mentioned issues.

threat-actor-naming/threat-actor-naming.xml

@@ -39,8 +39,8 @@ as a:</t>
 <t>No clearly defined text format to describe the same threat actor (e.g. Is the threat actor name case sensitive? Is there a dash or a space between the two words?)</t>
 <t>Confusion between techniques/tools used by a threat actor versus its name (e.g. naming a threat actor after a specific malware used)</t>
 <t>Lack of source and list from vendors to describe their threat actor names and the reasoning behind the naming (e.g. did they name the threat actor after a specific set of campaigns? or specific set of targets?)</t>
-<t>Lack of time-based information about the threat actor name, such as date of naming</t>
-<t>Lack of open &quot;registry&quot; of reference, accessible to all, where to register a new threat actor name, or to access all already named threat actors. The &quot;registry&quot; can contain the time-based information mentionned above.</t>
+<t>Lack of time-based information about the threat actor name, such as date of naming or and UUID.</t>
+<t>Lack of open mirrored &quot;registry&quot; of reference, accessible to all, where to register a new threat actor name, or to access all already named threat actors. The &quot;registry&quot; can contain the time-based information mentionned above, it is a tool.</t>
 </list>
 </t>
 <t>This document proposes a set of guidelines to name threat actors. The goal is to reduce the above mentioned issues.</t>