MISP
/
misp-standard.org
mirror of https://github.com/MISP/misp-standard.org
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [misp-core] standard updated regarding first_seen/last_seen added at attribute and object level

pull/2/head
Alexandre Dulaunoy 2020-01-22 10:44:09 +01:00
parent 55f6d63494
commit bcac386ce1
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 182 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
rfc/misp-standard-core.html
View File

@ -813,10 +813,10 @@
<br>comment, text, other, size-in-bytes, counter, datetime, cpe, port, float, hex, phone-number, boolean, anonymised</dd> <br>comment, text, other, size-in-bytes, counter, datetime, cpe, port, float, hex, phone-number, boolean, anonymised</dd>
<dt>Payload delivery</dt> <dt>Payload delivery</dt>
<dd style="margin-left: 8"> <dd style="margin-left: 8">
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, whois-registrant-email, anonymised</dd> <br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, chrome-extension-id, whois-registrant-email, anonymised</dd>
<dt>Payload installation</dt> <dt>Payload installation</dt>
<dd style="margin-left: 8"> <dd style="margin-left: 8">
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, other, mime-type, anonymised</dd> <br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, chrome-extension-id, other, mime-type, anonymised</dd>
<dt>Payload type</dt> <dt>Payload type</dt>
<dd style="margin-left: 8"> <dd style="margin-left: 8">
<br>comment, text, other, anonymised</dd> <br>comment, text, other, anonymised</dd>
@ -1011,10 +1011,10 @@
<br>comment, text, other, size-in-bytes, counter, datetime, cpe, port, float, hex, phone-number, boolean, anonymised</dd> <br>comment, text, other, size-in-bytes, counter, datetime, cpe, port, float, hex, phone-number, boolean, anonymised</dd>
<dt>Payload delivery</dt> <dt>Payload delivery</dt>
<dd style="margin-left: 8"> <dd style="margin-left: 8">
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, whois-registrant-email, anonymised</dd> <br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, mac-address, mac-eui-64, ip-src, ip-dst, ip-dst|port, ip-src|port, hostname, domain, email-src, email-dst, email-subject, email-attachment, email-body, url, user-agent, AS, pattern-in-file, pattern-in-traffic, stix2-pattern, yara, sigma, mime-type, attachment, malware-sample, link, malware-type, comment, text, hex, vulnerability, weakness, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, ja3-fingerprint-md5, hassh-md5, hasshserver-md5, other, hostname|port, email-dst-display-name, email-src-display-name, email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-thread-index, email-message-id, mobile-application-id, chrome-extension-id, whois-registrant-email, anonymised</dd>
<dt>Payload installation</dt> <dt>Payload installation</dt>
<dd style="margin-left: 8"> <dd style="margin-left: 8">
<br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, other, mime-type, anonymised</dd> <br>md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, ssdeep, imphash, impfuzzy, authentihash, pehash, tlsh, cdhash, filename, filename|md5, filename|sha1, filename|sha224, filename|sha256, filename|sha384, filename|sha512, filename|sha512/224, filename|sha512/256, filename|authentihash, filename|ssdeep, filename|tlsh, filename|imphash, filename|impfuzzy, filename|pehash, pattern-in-file, pattern-in-traffic, pattern-in-memory, stix2-pattern, yara, sigma, vulnerability, weakness, attachment, malware-sample, malware-type, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, x509-fingerprint-sha256, mobile-application-id, chrome-extension-id, other, mime-type, anonymised</dd>
<dt>Payload type</dt> <dt>Payload type</dt>
<dd style="margin-left: 8"> <dd style="margin-left: 8">
<br>comment, text, other, anonymised</dd> <br>comment, text, other, anonymised</dd>
@ -1701,6 +1701,12 @@
"timestamp": { "timestamp": {
"type": "string" "type": "string"
}, },
"first_seen": {
"type": "string"
},
"last_seen": {
"type": "string"
},
"distribution": { "distribution": {
"type": "string" "type": "string"
}, },
@ -1868,6 +1874,12 @@
"timestamp": { "timestamp": {
"type": "string" "type": "string"
}, },
"first_seen": {
"type": "string"
},
"last_seen": {
"type": "string"
},
"comment": { "comment": {
"type": "string" "type": "string"
}, },

276
rfc/misp-standard-core.txt
View File

@ -100,7 +100,7 @@ Table of Contents
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 51 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 51
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 51
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 51 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 51
9.1. Normative References . . . . . . . . . . . . . . . . . . 51 9.1. Normative References . . . . . . . . . . . . . . . . . . 52
9.2. Informative References . . . . . . . . . . . . . . . . . 52 9.2. Informative References . . . . . . . . . . . . . . . . . 52
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 52 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 52
@ -588,7 +588,7 @@ Internet-Draft MISP core format August 2018
hostname|port, email-dst-display-name, email-src-display-name, hostname|port, email-dst-display-name, email-src-display-name,
email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-header, email-reply-to, email-x-mailer, email-mime-boundary,
email-thread-index, email-message-id, mobile-application-id, email-thread-index, email-message-id, mobile-application-id,
whois-registrant-email, anonymised chrome-extension-id, whois-registrant-email, anonymised
Payload installation Payload installation
md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256,
@ -601,8 +601,8 @@ Internet-Draft MISP core format August 2018
traffic, pattern-in-memory, stix2-pattern, yara, sigma, traffic, pattern-in-memory, stix2-pattern, yara, sigma,
vulnerability, weakness, attachment, malware-sample, malware-type, vulnerability, weakness, attachment, malware-sample, malware-type,
comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5,
x509-fingerprint-sha256, mobile-application-id, other, mime-type, x509-fingerprint-sha256, mobile-application-id, chrome-extension-
anonymised id, other, mime-type, anonymised
Payload type Payload type
comment, text, other, anonymised comment, text, other, anonymised
@ -985,7 +985,7 @@ Internet-Draft MISP core format August 2018
hostname|port, email-dst-display-name, email-src-display-name, hostname|port, email-dst-display-name, email-src-display-name,
email-header, email-reply-to, email-x-mailer, email-mime-boundary, email-header, email-reply-to, email-x-mailer, email-mime-boundary,
email-thread-index, email-message-id, mobile-application-id, email-thread-index, email-message-id, mobile-application-id,
whois-registrant-email, anonymised chrome-extension-id, whois-registrant-email, anonymised
Payload installation Payload installation
md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256, md5, sha1, sha224, sha256, sha384, sha512, sha512/224, sha512/256,
@ -998,8 +998,8 @@ Internet-Draft MISP core format August 2018
traffic, pattern-in-memory, stix2-pattern, yara, sigma, traffic, pattern-in-memory, stix2-pattern, yara, sigma,
vulnerability, weakness, attachment, malware-sample, malware-type, vulnerability, weakness, attachment, malware-sample, malware-type,
comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5, comment, text, hex, x509-fingerprint-sha1, x509-fingerprint-md5,
x509-fingerprint-sha256, mobile-application-id, other, mime-type, x509-fingerprint-sha256, mobile-application-id, chrome-extension-
anonymised id, other, mime-type, anonymised
Payload type Payload type
@ -2144,6 +2144,12 @@ Internet-Draft MISP core format August 2018
"timestamp": { "timestamp": {
"type": "string" "type": "string"
}, },
"first_seen": {
"type": "string"
},
"last_seen": {
"type": "string"
},
"distribution": { "distribution": {
"type": "string" "type": "string"
}, },
@ -2172,12 +2178,6 @@ Internet-Draft MISP core format August 2018
"sighthing": { "sighthing": {
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": {
"id": {
"type": "string"
},
"attribute_id": {
"type": "string"
@ -2186,6 +2186,12 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 39]
Internet-Draft MISP core format August 2018 Internet-Draft MISP core format August 2018
"properties": {
"id": {
"type": "string"
},
"attribute_id": {
"type": "string"
}, },
"event_id": { "event_id": {
"type": "string" "type": "string"
@ -2228,12 +2234,6 @@ Internet-Draft MISP core format August 2018
"objectreference": { "objectreference": {
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": {
"deleted": {
"type": "boolean"
},
"object_id": {
"type": "string"
@ -2242,6 +2242,12 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 40]
Internet-Draft MISP core format August 2018 Internet-Draft MISP core format August 2018
"properties": {
"deleted": {
"type": "boolean"
},
"object_id": {
"type": "string"
}, },
"event_id": { "event_id": {
"type": "string" "type": "string"
@ -2284,12 +2290,6 @@ Internet-Draft MISP core format August 2018
"attribute": { "attribute": {
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": {
"id": {
"type": "string"
},
"old_id": {
"type": "string"
@ -2298,6 +2298,12 @@ Dulaunoy & Iklody Expires February 9, 2019 [Page 41]
Internet-Draft MISP core format August 2018 Internet-Draft MISP core format August 2018
"properties": {
"id": {
"type": "string"
},
"old_id": {
"type": "string"
}, },
"type": { "type": {
"type": "string" "type": "string"
@ -2334,6 +2340,20 @@ Internet-Draft MISP core format August 2018
}, },
"timestamp": { "timestamp": {
"type": "string" "type": "string"
},
"first_seen": {
"type": "string"
},
"last_seen": {
"type": "string"
Dulaunoy & Iklody Expires February 9, 2019 [Page 42]
Internet-Draft MISP core format August 2018
}, },
"comment": { "comment": {
"type": "string" "type": "string"
@ -2346,14 +2366,6 @@ Internet-Draft MISP core format August 2018
}, },
"disable_correlation": { "disable_correlation": {
"type": "boolean" "type": "boolean"
Dulaunoy & Iklody Expires February 9, 2019 [Page 42]
Internet-Draft MISP core format August 2018
}, },
"value": { "value": {
"type": "string" "type": "string"
@ -2390,6 +2402,14 @@ Internet-Draft MISP core format August 2018
"items": { "items": {
"$ref": "#/defs/galaxy" "$ref": "#/defs/galaxy"
} }
Dulaunoy & Iklody Expires February 9, 2019 [Page 43]
Internet-Draft MISP core format August 2018
}, },
"Tag": { "Tag": {
"uniqueItems": true, "uniqueItems": true,
@ -2402,14 +2422,6 @@ Internet-Draft MISP core format August 2018
}, },
"event": { "event": {
"type": "object", "type": "object",
Dulaunoy & Iklody Expires February 9, 2019 [Page 43]
Internet-Draft MISP core format August 2018
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
@ -2446,6 +2458,14 @@ Internet-Draft MISP core format August 2018
"type": "string" "type": "string"
}, },
"timestamp": { "timestamp": {
Dulaunoy & Iklody Expires February 9, 2019 [Page 44]
Internet-Draft MISP core format August 2018
"type": "string" "type": "string"
}, },
"distribution": { "distribution": {
@ -2458,14 +2478,6 @@ Internet-Draft MISP core format August 2018
"type": "boolean" "type": "boolean"
}, },
"publish_timestamp": { "publish_timestamp": {
Dulaunoy & Iklody Expires February 9, 2019 [Page 44]
Internet-Draft MISP core format August 2018
"type": "string" "type": "string"
}, },
"sharing_group_id": { "sharing_group_id": {
@ -2502,6 +2514,14 @@ Internet-Draft MISP core format August 2018
}, },
"RelatedEvent": { "RelatedEvent": {
"type": "array", "type": "array",
Dulaunoy & Iklody Expires February 9, 2019 [Page 45]
Internet-Draft MISP core format August 2018
"uniqueItems": true, "uniqueItems": true,
"items": { "items": {
"type": "object", "type": "object",
@ -2514,14 +2534,6 @@ Internet-Draft MISP core format August 2018
} }
}, },
"Galaxy": { "Galaxy": {
Dulaunoy & Iklody Expires February 9, 2019 [Page 45]
Internet-Draft MISP core format August 2018
"type": "array", "type": "array",
"uniqueItems": true, "uniqueItems": true,
"items": { "items": {
@ -2558,6 +2570,14 @@ Internet-Draft MISP core format August 2018
"type": "string" "type": "string"
}, },
"exportable": { "exportable": {
Dulaunoy & Iklody Expires February 9, 2019 [Page 46]
Internet-Draft MISP core format August 2018
"type": "boolean" "type": "boolean"
}, },
"hide_tag": { "hide_tag": {
@ -2570,14 +2590,6 @@ Internet-Draft MISP core format August 2018
}, },
"galaxy": { "galaxy": {
"type": "object", "type": "object",
Dulaunoy & Iklody Expires February 9, 2019 [Page 46]
Internet-Draft MISP core format August 2018
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
"id": { "id": {
@ -2614,6 +2626,14 @@ Internet-Draft MISP core format August 2018
} }
}, },
"galaxy_cluster": { "galaxy_cluster": {
Dulaunoy & Iklody Expires February 9, 2019 [Page 47]
Internet-Draft MISP core format August 2018
"type": "object", "type": "object",
"additionalProperties": false, "additionalProperties": false,
"properties": { "properties": {
@ -2626,14 +2646,6 @@ Internet-Draft MISP core format August 2018
"type": { "type": {
"type": "string" "type": "string"
}, },
Dulaunoy & Iklody Expires February 9, 2019 [Page 47]
Internet-Draft MISP core format August 2018
"value": { "value": {
"type": "string" "type": "string"
}, },
@ -2670,6 +2682,14 @@ Internet-Draft MISP core format August 2018
}, },
"type": "object", "type": "object",
"properties": { "properties": {
Dulaunoy & Iklody Expires February 9, 2019 [Page 48]
Internet-Draft MISP core format August 2018
"Event": { "Event": {
"$ref": "#/defs/event" "$ref": "#/defs/event"
} }
@ -2679,17 +2699,6 @@ Internet-Draft MISP core format August 2018
] ]
} }
Dulaunoy & Iklody Expires February 9, 2019 [Page 48]
Internet-Draft MISP core format August 2018
4. Manifest 4. Manifest
MISP events can be shared over an HTTP repository, a file package or MISP events can be shared over an HTTP repository, a file package or
@ -2729,6 +2738,14 @@ Internet-Draft MISP core format August 2018
representation of the associated MISP event file to ensure representation of the associated MISP event file to ensure
integrity of the file. (SHOULD) integrity of the file. (SHOULD)
Dulaunoy & Iklody Expires February 9, 2019 [Page 49]
Internet-Draft MISP core format August 2018
o integrity:pgp represents a detached PGP signature [RFC4880] of the o integrity:pgp represents a detached PGP signature [RFC4880] of the
associated MISP event file to ensure integrity of the file. associated MISP event file to ensure integrity of the file.
(SHOULD) (SHOULD)
@ -2738,14 +2755,6 @@ Internet-Draft MISP core format August 2018
detached PGP signature for a manifest file is a manifest.json.asc detached PGP signature for a manifest file is a manifest.json.asc
file containing the PGP signature. file containing the PGP signature.
Dulaunoy & Iklody Expires February 9, 2019 [Page 49]
Internet-Draft MISP core format August 2018
4.1.1. Sample Manifest 4.1.1. Sample Manifest
{ {
@ -2785,6 +2794,14 @@ Internet-Draft MISP core format August 2018
}, },
{ {
"colour": "#3d7a00", "colour": "#3d7a00",
Dulaunoy & Iklody Expires February 9, 2019 [Page 50]
Internet-Draft MISP core format August 2018
"name": "circl:incident-classification=\"malware\"" "name": "circl:incident-classification=\"malware\""
}, },
{ {
@ -2794,14 +2811,6 @@ Internet-Draft MISP core format August 2018
], ],
"timestamp": "1461764231", "timestamp": "1461764231",
"date": "2016-04-27", "date": "2016-04-27",
Dulaunoy & Iklody Expires February 9, 2019 [Page 50]
Internet-Draft MISP core format August 2018
"threat_level_id": "3" "threat_level_id": "3"
} }
} }
@ -2837,6 +2846,18 @@ Internet-Draft MISP core format August 2018
9. References 9. References
Dulaunoy & Iklody Expires February 9, 2019 [Page 51]
Internet-Draft MISP core format August 2018
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
@ -2849,15 +2870,6 @@ Internet-Draft MISP core format August 2018
DOI 10.17487/RFC4122, July 2005, DOI 10.17487/RFC4122, July 2005,
<https://www.rfc-editor.org/info/rfc4122>. <https://www.rfc-editor.org/info/rfc4122>.
Dulaunoy & Iklody Expires February 9, 2019 [Page 51]
Internet-Draft MISP core format August 2018
[RFC4880] Callas, J., Donnerhacke, L., Finney, H., Shaw, D., and R. [RFC4880] Callas, J., Donnerhacke, L., Finney, H., Shaw, D., and R.
Thayer, "OpenPGP Message Format", RFC 4880, Thayer, "OpenPGP Message Format", RFC 4880,
DOI 10.17487/RFC4880, November 2007, DOI 10.17487/RFC4880, November 2007,
@ -2888,6 +2900,20 @@ Internet-Draft MISP core format August 2018
Authors' Addresses Authors' Addresses
Dulaunoy & Iklody Expires February 9, 2019 [Page 52]
Internet-Draft MISP core format August 2018
Alexandre Dulaunoy Alexandre Dulaunoy
Computer Incident Response Center Luxembourg Computer Incident Response Center Luxembourg
16, bd d'Avranches 16, bd d'Avranches
@ -2909,4 +2935,34 @@ Authors' Addresses
Dulaunoy & Iklody Expires February 9, 2019 [Page 52]
Dulaunoy & Iklody Expires February 9, 2019 [Page 53]