Merge pull request #747 from tschmidtb51/party-multiplier

Add party `multiplier`
oasis-tcs · Jun 11, 2024 · 4861537 · 4861537
2 parents eea00eb + 4049a91
commit 4861537
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 1 deletion.
diff --git a/csaf_2.1/json_schema/csaf_json_schema.json b/csaf_2.1/json_schema/csaf_json_schema.json
@@ -645,6 +645,7 @@
               "enum": [
                 "coordinator",
                 "discoverer",
+                "multiplier",
                 "other",
                 "translator",
                 "user",

diff --git a/csaf_2.1/prose/edit/src/conformance.md b/csaf_2.1/prose/edit/src/conformance.md
@@ -520,6 +520,9 @@ Secondly, the program fulfills the following for all items of:
   > This is a common case for CSAF 2.0 documents labeled as TLP:RED but actually intended to be TLP:AMBER+STRICT.
 
   If no TLP label was given, the CSAF 2.0 to CSAF 2.1 converter SHOULD assign `TLP:CLEAR` and output a warning that the default TLP has been set.
+* `/document/publisher/category`: If the value is `other`, the CSAF 2.0 to CSAF 2.1 converter SHOULD output a warning that some parties have
+  been regrouped into the new value `multiplier`. An option to suppress this warning MUST exist. In addition, an option SHOULD be provided to
+  set the value to `multiplier`.
 
 > A tool MAY implement options to convert other Markdown formats to GitHub-flavored Markdown.
 

diff --git a/csaf_2.1/prose/edit/src/schema-elements-02-props-01-document.md b/csaf_2.1/prose/edit/src/schema-elements-02-props-01-document.md
@@ -281,6 +281,7 @@ The valid values are:
 ```
     coordinator
     discoverer
+    multiplier
     other
     translator
     user
@@ -294,10 +295,20 @@ This includes all Computer Emergency/Incident Response Teams (CERTs/CIRTs) or ag
 The value `discoverer` indicates individuals or organizations that find vulnerabilities or security weaknesses.
 This includes all manner of researchers.
 
+The value `multiplier` indicates individuals or organizations that use existing CSAF documents or information that could
+be represented in CSAF, and create their own CSAF documents for distribution to a specific target audience.
+A single multiplier might have target audiences.
+> For example, a National CSIRT might create different CSAF documents for the same vulnerability for critical
+  infrastructure companies in different sectors, government agencies, non-critical industry, and the public based on
+  information sharing agreements and threats to the target group.
+
+The creation step can make use of a CSAF modifier that replaces metadata, e.g. the document publisher.
+Currently, this value includes multipliers, republishers, and forwarders.
+
 The value `translator` indicates individuals or organizations that translate CSAF documents.
 This includes all manner of language translators, also those who work for the party issuing the original advisory.
 
-The value `other` indicates a catchall for everyone else. Currently this includes editors, reviewers, forwarders, republishers,
+The value `other` indicates a catchall for everyone else. Currently this includes editors, reviewers,
 and miscellaneous contributors.
 
 The value `user` indicates anyone using a vendor’s product.