This proposal is for adding the ability to mark STIX objects using the FIRST Information Exchange Policy (IEP) Framework. This would be designed to support IEP 2.0 currently under development.
The IEP Framework is a FIRST backed initiative to help Organizations better define how recipients can use their threat intelligence. In other words "What am I allowed to do with this intel?". Think of it as TLP with extra features!
IEP 1.0 was accepted for inclusion in STIX 2.0 but was eventually removed due to the lack of implementation detail. IEP 2.0 has rectified this with the inclusion of an additional separate detailed JSON Standard which provides the implementation detail needed.
Please note: The IEP 2.0 documentation is not yet in the public domain as it is still under development by the FIRST IEP-SIG.
We expect the final version of IEP to be released in the next 2-3 months, which should easily fit into the STIX 2.1 development timeframe.