chg: [tlp] updating the new version of the traffic light protocol

published by FIRST.org

Some notes concerning the version 2.0 of the tlp taxonomy:

- A new tag is introduced `TLP:AMBER+STRICT` to clarify the restriction to
share only with your organisation.
- A new tag is introduced called `TLP:CLEAR` which seems to replace
`TLP:WHITE` as it disappears from the version 2.0 of the official TLP
document.
- The old tag `TLP:WHITE` is preserved in the taxonomy. As we don't have
any official reference in the version 2.0 about the compatibility with
`TLP:CLEAR`, we *assume* it's a synonym of the original `TLP:WHITE`.
- The old tag `TLP:EX:CHR` is also preserved in the taxonomy for
backward compatibility.

We strongly recommend any users using the tlp taxonomy in their tools to review
workflows and ensure that the new version 2.0 is taken into consideration.

Ref: https://www.first.org/tlp/ (downloaded on 3rd August 2022 - 15:46 CEST)
pull/249/head
Alexandre Dulaunoy 2022-08-03 15:40:26 +02:00
parent f4fb812c37
commit 856d303ee4
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 23 additions and 11 deletions

@ -1,29 +1,41 @@
{
"predicates": [
{
"colour": "#CC0033",
"description": "Not for disclosure, restricted to participants only. Sources may use TLP:RED when information cannot be effectively acted upon by additional parties, and could lead to impacts on a party's privacy, reputation, or operations if misused. Recipients may not share TLP:RED information with any parties outside of the specific exchange, meeting, or conversation in which it was originally disclosed. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. In most circumstances, TLP:RED should be exchanged verbally or in person.",
"expanded": "(TLP:RED) Information exclusively and directly given to (a group of) individual recipients. Sharing outside is not legitimate.",
"colour": "#FF2B2B",
"description": "For the eyes and ears of individual recipients only, no further disclosure. Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. Recipients may therefore not share TLP:RED information with anyone else. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting.",
"expanded": "(TLP:RED) For the eyes and ears of individual recipients only, no further disclosure.",
"value": "red"
},
{
"colour": "#FFC000",
"description": "Limited disclosure, restricted to participants organizations. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risks to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may only share TLP:AMBER information with members of their own organization, and with clients or customers who need to know the information to protect themselves or prevent further harm. Sources are at liberty to specify additional intended limits of the sharing: these must be adhered to.",
"expanded": "(TLP:AMBER) Information exclusively given to an organization; sharing limited within the organization to be effectively acted upon.",
"description": "Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients. Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER information with members of their own organization and its clients, but only on a need-to-know basis to protect their organization and its clients and prevent further harm. Note that TLP:AMBER+STRICT restricts sharing to the organization only.",
"expanded": "(TLP:AMBER) Limited disclosure, recipients can only spread this on a need-to-know basis within their organization and its clients.",
"value": "amber"
},
{
"colour": "#339900",
"description": "Limited disclosure, restricted to the community. Sources may use TLP:GREEN when information is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Recipients may share TLP:GREEN information with peers and partner organizations within their sector or community, but not via publicly accessible channels. Information in this category can be circulated widely within a particular community. TLP:GREEN information may not be released outside of the community.",
"expanded": "(TLP:GREEN) Information given to a community or a group of organizations at large. The information cannot be publicly released.",
"colour": "#FFC000",
"description": "Limited disclosure, recipients can only spread this on a need-to-know basis within their organization. Sources may use TLP:AMBER+STRICT when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER+STRICT information with members of their own organization.",
"expanded": "Limited disclosure, recipients can only spread this on a need-to-know basis within their organization.",
"value": "amber+strict"
},
{
"colour": "#33FF00",
"description": "Limited disclosure, recipients can spread this within their community. Sources may use TLP:GREEN when information is useful to increase awareness within their wider community. Recipients may share TLP:GREEN information with peers and partner organizations within their community, but not via publicly accessible channels. TLP:GREEN information may not be shared outside of the community. Note: when “community” is not defined, assume the cybersecurity/defense community.",
"expanded": "(TLP:GREEN) Limited disclosure, recipients can spread this within their community.",
"value": "green"
},
{
"colour": "#ffffff",
"description": "Disclosure is not limited. Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction.",
"description": "Disclosure is not limited. Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction. The version 2.0 of TLP doesn't mention anymore this tag which is most probably compatible with new TLP:CLEAR tag.",
"expanded": "(TLP:WHITE) Information can be shared publicly in accordance with the law.",
"value": "white"
},
{
"colour": "#ffffff",
"description": "Recipients can spread this to the world, there is no limit on disclosure. Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction.",
"expanded": "(TLP:CLEAR) Recipients can spread this to the world, there is no limit on disclosure.",
"value": "clear"
},
{
"colour": "#d208f4",
"expanded": "(TLP:EX:CHR) Information extended with a specific tag called Chatham House Rule (CHR). When this specific CHR tag is mentioned, the attribution (the source of information) must not be disclosed. This additional rule is at the discretion of the initial sender who can decide to apply or not the CHR tag.",
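Review bot: The "expanded" string of the new `amber+strict` predicate has no "(TLP:AMBER+STRICT)" prefix, while every other "expanded" value in this hunk starts with its label, for example "(TLP:AMBER) Limited disclosure, ..." and "(TLP:CLEAR) Recipients can spread this ...". Any tool that shows the expanded text will render this entry without its label, so it is hard to tell apart from plain amber, which also shares the colour "#FFC000". Suggest "(TLP:AMBER+STRICT) Limited disclosure, recipients can only spread this on a need-to-know basis within their organization." Separately, the sentence appended to the `white` description ("doesn't mention anymore this tag which is most probably compatible with new TLP:CLEAR tag") would be clearer as a plain statement that TLP 2.0 no longer lists TLP:WHITE and that this taxonomy assumes it corresponds to TLP:CLEAR.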
@ -33,8 +45,8 @@
"refs": [
"https://www.first.org/tlp"
],
"version": 5,
"description": "The Traffic Light Protocol - or short: TLP - was designed with the objective to create a favorable classification scheme for sharing sensitive information while keeping the control over its distribution at the same time.",
"version": 6,
"description": "The Traffic Light Protocol (TLP) (v2.0) was created to facilitate greater sharing of potentially sensitive information and more effective collaboration. Information sharing happens from an information source, towards one or more recipients. TLP is a set of four labels used to indicate the sharing boundaries to be applied by the recipients. Only labels listed in this standard are considered valid by FIRST. This taxonomy includes additional labels for backward compatibility which are no more validated by FIRST.",
"expanded": "Traffic Light Protocol",
"exclusive": true,
"namespace": "tlp"
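Review bot: The new top-level "description" says TLP is "a set of four labels" and that the taxonomy "includes additional labels for backward compatibility", but it does not say which values those are. Consider naming them (the commit message identifies `white` and `ex:chr` as the preserved old tags) so that a consumer reading only the JSON can tell which values fall outside TLP 2.0. Also, "exclusive": true is left unchanged, so `white` and `clear` remain two distinct values of an exclusive namespace; the equivalence stated in the `white` description is documentation only, and any workflow that matches on `tlp:white` needs its own mapping to `tlp:clear`.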