Export added

misp-core-format/raw.md.txt

@@ -76,8 +76,8 @@ Table of Contents
    3.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   6
      3.1.  Normative References  . . . . . . . . . . . . . . . . . .   6
      3.2.  Informative References  . . . . . . . . . . . . . . . . .   6
-   Appendix A.  Acknowledgements . . . . . . . . . . . . . . . . . .   6
-   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   6
+   Appendix A.  Acknowledgements . . . . . . . . . . . . . . . . . .   7
+   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   7
 
 1.  Introduction
 
@@ -264,15 +264,15 @@ Internet-Draft              MISP core format                October 2016
    An Org object is composed of an uuid, name and id.
 
    The uuid represents the Universally Unique IDentifier (UUID)
-   [RFC4122] of the organization.  The uuid is globally assigned to an
-   organization and SHALL be kept overtime.
-
-   uuid is represented as a JSON string. uuid MUST be present.
+   [RFC4122] of the organization.  The organization UUID is globally
+   assigned to an organization and SHALL be kept overtime.
 
    The name is a readable description of the organization and SHOULD be
-   present.
-
+   present.  The id is a human-readable identifier generated by the
+   instance and used as reference in the event.
 
+   uuid, name and id are represented as a JSON string. uuid, name and id
+   MUST be present.
 
 
 
@@ -282,19 +282,29 @@ Dulaunoy & Iklody         Expires April 4, 2017                 [Page 5]
 Internet-Draft              MISP core format                October 2016
 
 
+2.3.1.1.  Sample Org Object
+
+          "Org": {
+                  "id": "2",
+                  "name": "CIRCL",
+                  "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
+                 }
+
 2.3.2.  Orgc
 
    An Orgc object is composed of an uuid, name and id.
 
    The uuid MUST be preserved for any updates or transfer of the same
    event.  UUID version 4 is RECOMMENDED when assigning it to a new
-   event.  orgc_id is globally assigned to an organization and SHALL be
-   kept overtime.
+   event.  The organization UUID is globally assigned to an organization
+   and SHALL be kept overtime.
 
    The name is a readable description of the organization and SHOULD be
-   present.
+   present.  The id is a human-readable identifier generated by the
+   instance and used as reference in the event.
 
-   orgc_id is represented as a JSON string. orgc_id SHOULD be present.
+   uuid, name and id are represented as a JSON string. uuid, name and id
+   MUST be present.
 
 3.  References
 
@@ -320,16 +330,6 @@ Internet-Draft              MISP core format                October 2016
    [MISP-P]   MISP, , "MISP Project - Malware Information Sharing
               Platform and Threat Sharing", <https://github.com/MISP>.
 
-Appendix A.  Acknowledgements
-
-   The authors wish to thank all the MISP community to support the
-   creation of open standards in threat intelligence sharing.
-
-Authors' Addresses
-
-
-
-
 
 
 
@@ -338,6 +338,13 @@ Dulaunoy & Iklody         Expires April 4, 2017                 [Page 6]
 Internet-Draft              MISP core format                October 2016
 
 
+Appendix A.  Acknowledgements
+
+   The authors wish to thank all the MISP community to support the
+   creation of open standards in threat intelligence sharing.
+
+Authors' Addresses
+
    Alexandre Dulaunoy
    Computer Incident Response Center Luxembourg
    41, avenue de la gare
@@ -369,13 +376,6 @@ Internet-Draft              MISP core format                October 2016
 
 
 
-
-
-
-
-
-
-