Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
> > While "exception" can work for me personal, I don't see it as a good > candidate for replacing suspicious. We might as will say "SSP Fault" > or "SSP Failure". > > My pennies of course. > > > -- > Sincerely > > Hector Santos, CTO We agree on most things... and this isn't one of them ;-) I believe a better word for what you are describing is an anomaly - which can lead to an exception. But exceptions can be specifically and purposefully placed whereas anomalies cannot (as far as I know). Maybe it is just the word the "Blue Screen Of Death" uses that everyone hates. However, I still believe the using the word "exception" would be accurate. My point in providing the thesaurus link was that I didn't believe that this should take up too much of our time. Semantics - Pick a word or make one up, let's get on with more important things. Regards, Damon Sauer ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Damon wrote: Take your pick: http://thesaurus.reference.com/browse/exception I don't have a problem with "exception" in this case. I believe that it describes what is happening accurately. I think that will all depends on who is reading it. To me, an exception is not an ordinary event that one expected. Since I believe SSP is just validating the expected signing behavior as described by the domain, it is either a TRUE or FALSE condition - no exception. Checking for NXDOMAIN is a safe result to check for. Checking to see if its a given POLICY matches what is actually shown in the message, is a safe result to check for. I don't see those as exceptions. Now, if one can't make heads or tails of a SSP check, then maybe that can be viewed as an exception - because something happen you didn't expect. Here's the thing: The fact you and others had to look it up, means a lot here. Most people are not going to be wanting to have their dictionary or thesaurus around when they read these RFCs. The fact there are a "take your pick" untold semantics for exception tells ya it will probably cause one to scratch their head than now. I say being "Specific is Terrific!" As Frank suggested, PASS or FAIL is just as good. Most people don't need a dictionary for that. I suggested SSP Complete, maybe good if you understand 5016. I also suggested negative/positive classification, and this has a industry wide understanding and it is already in place for this type of work. SMTP uses positive/negative response code and classifications ideas. Spam Assassin already uses positive/negative classification as well as other heuristic based systems. Odds are good you will find more neural networks or fuzzy logic systems play a role, if not already. Jim's non-compliant/compliant is also straight to the point. But not sure it helps in laying the ground work to handling results. While "exception" can work for me personal, I don't see it as a good candidate for replacing suspicious. We might as will say "SSP Fault" or "SSP Failure". My pennies of course. -- Sincerely Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Take your pick: http://thesaurus.reference.com/browse/exception I don't have a problem with "exception" in this case. I believe that it describes what is happening accurately. Regards, Damon Sauer On Dec 17, 2007 1:00 PM, Michael Thomas <[EMAIL PROTECTED]> wrote: > > Jim Fenton wrote: > > Michael Thomas wrote: > >> Dave Crocker wrote: > >>> > >>> Jon Callas wrote: > > Dave Crocker wrote: > >> With the use of language like "suspicious", SSP is making value > >> judgement on messages that do not satisfy SSP's criteria, even > >> though those message well might be entirely legitimate. > >>> ... > How about something like "SSP Exception"? Metaphorically, it works > well with the programming use of the word exception. > >>> > >>> Folks, > >>> > >>> In the hope of trying to close some of the "easy" Issues, would folks > >>> comment on this specific proposal, or otherwise post comments seeking > >>> closure of the Issue? > >> My suggestion is to just to take the exception/violation reason. For > >> example, "all-exception", "strict-exception", "nxdomain-exception" > >> and the like. A single word even if it's value-neutral gives the wrong > >> impression that all exceptions/violations/suspicion should be given > >> the same weight. Just saying what it is that went wrong doesn't > >> do that. > > > > +0.5 > > > > Agree that a name change is in order, and that we need more than a > > binary 1/0 result. > > > > But "exception" makes it sound like a kernel panic or something. Hector > > had some alternative interpretations of "exception" too. My > > suggestion: "non-compliant"/"compliant". > >My original suggestion was "violation" which still works with nxdomain >and other states. I could live with exception though. > > Mike > > ___ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html > ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Jim Fenton wrote: Michael Thomas wrote: Dave Crocker wrote: Jon Callas wrote: Dave Crocker wrote: With the use of language like "suspicious", SSP is making value judgement on messages that do not satisfy SSP's criteria, even though those message well might be entirely legitimate. ... How about something like "SSP Exception"? Metaphorically, it works well with the programming use of the word exception. Folks, In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? My suggestion is to just to take the exception/violation reason. For example, "all-exception", "strict-exception", "nxdomain-exception" and the like. A single word even if it's value-neutral gives the wrong impression that all exceptions/violations/suspicion should be given the same weight. Just saying what it is that went wrong doesn't do that. +0.5 Agree that a name change is in order, and that we need more than a binary 1/0 result. But "exception" makes it sound like a kernel panic or something. Hector had some alternative interpretations of "exception" too. My suggestion: "non-compliant"/"compliant". My original suggestion was "violation" which still works with nxdomain and other states. I could live with exception though. Mike ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
On Dec 16, 2007, at 9:34 PM, Jim Fenton wrote: Michael Thomas wrote: My suggestion is to just to take the exception/violation reason. For example, "all-exception", "strict-exception", "nxdomain- exception" and the like. A single word even if it's value-neutral gives the wrong impression that all exceptions/violations/suspicion should be given the same weight. Just saying what it is that went wrong doesn't do that. +0.5 Agree that a name change is in order, and that we need more than a binary 1/0 result. But "exception" makes it sound like a kernel panic or something. Hector had some alternative interpretations of "exception" too. My suggestion: "non-compliant"/"compliant". Mike's breakdown provides a finer granularity of states. Policy exceptions happen all the time with things like SELINUX without it being a panic or crash. The specification should not attempt to combine various states "as-if" they were just one state. Experience will dictate how each state is best handled. While a message might be fully compliant, there can be many reasons a message might be found "non-compliant". These reasons could be termed "*-exceptions". +1 on Mike's suggestion, and +.5 on Jim's. -Doug ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Jim Fenton wrote: But "exception" makes it sound like a kernel panic or something. Hector had some alternative interpretations of "exception" too. My suggestion: "non-compliant"/"compliant". Another possibility is to play off Mike's 5016 "DKIM Signing complete" semantics: SSP Complete All expected conditions were met, including no SSP record available. However, to be SSP Complete, it MUST be also "DKIM Signing Complete" per 5016. The main highlight is that the DKIM and/or DKIM/SSP transaction CAN NOT be repudiated. SSP Incomplete Not all expected conditions were met. NXDOMAIN or SSP record available, but a known error|non-compliant condition has been detected. A DKIM Signing Complete might have been reached, but it failed the SSP process. The main highlight is that the DKIM/SSP transaction CAN BE repudiated. Something along those lines might work. -- Sincerely Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Michael Thomas wrote: How about something like "SSP Exception"? Metaphorically, it works well with the programming use of the word exception. In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? My suggestion is to just to take the exception/violation reason. For example, "all-exception", "strict-exception", "nxdomain-exception" and the like. A single word even if it's value-neutral gives the wrong impression that all exceptions/violations/suspicion should be given the same weight. Just saying what it is that went wrong doesn't do that. The current issue was to replace one term with another. That's a simple string substitution. It appears that you are raising different issue, namely to replace one term with multiple terms. While I do see that you used 'exception' as the base term, I think you're raising a bigger -- in other words, somewhat different -- issue than I had intended. At the least, your change would require more re-working of how things are phrased. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Michael Thomas wrote: > Dave Crocker wrote: >> >> >> Jon Callas wrote: Dave Crocker wrote: > With the use of language like "suspicious", SSP is making value > judgement on messages that do not satisfy SSP's criteria, even > though those message well might be entirely legitimate. >> ... >>> >>> How about something like "SSP Exception"? Metaphorically, it works >>> well with the programming use of the word exception. >> >> >> Folks, >> >> In the hope of trying to close some of the "easy" Issues, would folks >> comment on this specific proposal, or otherwise post comments seeking >> closure of the Issue? > My suggestion is to just to take the exception/violation reason. For > example, "all-exception", "strict-exception", "nxdomain-exception" > and the like. A single word even if it's value-neutral gives the wrong > impression that all exceptions/violations/suspicion should be given > the same weight. Just saying what it is that went wrong doesn't > do that. +0.5 Agree that a name change is in order, and that we need more than a binary 1/0 result. But "exception" makes it sound like a kernel panic or something. Hector had some alternative interpretations of "exception" too. My suggestion: "non-compliant"/"compliant". -Jim ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
RE: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Please mark issue closed as exception denotes just that -Original Message- From: [EMAIL PROTECTED] on behalf of Dave Crocker Sent: Sun 12/16/2007 12:10 PM To: DKIM WG Subject: [ietf-dkim] Issue 1530 - replace use of term "suspicious" Jon Callas wrote: >> Dave Crocker wrote: >>> With the use of language like "suspicious", SSP is making value >>> judgement on messages that do not satisfy SSP's criteria, even >>> though those message well might be entirely legitimate. ... > > How about something like "SSP Exception"? Metaphorically, it works > well with the programming use of the word exception. Folks, In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? Thanks. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Dave Crocker wrote: Jon Callas wrote: Dave Crocker wrote: With the use of language like "suspicious", SSP is making value judgement on messages that do not satisfy SSP's criteria, even though those message well might be entirely legitimate. ... How about something like "SSP Exception"? Metaphorically, it works well with the programming use of the word exception. Folks, In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? My suggestion is to just to take the exception/violation reason. For example, "all-exception", "strict-exception", "nxdomain-exception" and the like. A single word even if it's value-neutral gives the wrong impression that all exceptions/violations/suspicion should be given the same weight. Just saying what it is that went wrong doesn't do that. Mike ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Dave Crocker wrote: Jon Callas wrote: Dave Crocker wrote: With the use of language like "suspicious", SSP is making value judgement on messages that do not satisfy SSP's criteria, even though those message well might be entirely legitimate. ... How about something like "SSP Exception"? Metaphorically, it works well with the programming use of the word exception. Folks, In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? -1. I actually thought Jon was joking around. With all due respect to Jon, an exception is generally used when you don't have any real controls over your software or system faults. Its a highly debated concept that can create its own unknown exceptions. "SSP Exception" makes you think of what it means. Is it a "Fault?" Exception to what? SSP policy? Algorithm? Or we talking about the domain taking "exception" to the idea someone is messing around with its mail?. "I take exception to Mr. Bad Guy trying to exploit my mail?" or that the domain screwed up and had created a Exception. I don't particularly like Suspicious, but it is specific and much more to the point and closer to the negative "classification" ideas we are trying to attach, and what is being conveyed - that something is wrong. And IMO, it can be understood by a much more wider audience than just programmers. -- Sincerely Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
Steve Atkins: > > On Dec 16, 2007, at 9:10 AM, Dave Crocker wrote: > > > > > > > Jon Callas wrote: > >>> Dave Crocker wrote: > With the use of language like "suspicious", SSP is making value > judgement on messages that do not satisfy SSP's criteria, even > though those message well might be entirely legitimate. > > ... > >> How about something like "SSP Exception"? Metaphorically, it works > >> well with the programming use of the word exception. > > > > > > Folks, > > > > In the hope of trying to close some of the "easy" Issues, would > > folks comment on this specific proposal, or otherwise post comments > > seeking closure of the Issue? > > "SSP exception" works for me, and is better than "suspicious", > regardless of capitalization. +1. Wietse ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
Re: [ietf-dkim] Issue 1530 - replace use of term "suspicious"
On Dec 16, 2007, at 9:10 AM, Dave Crocker wrote: Jon Callas wrote: Dave Crocker wrote: With the use of language like "suspicious", SSP is making value judgement on messages that do not satisfy SSP's criteria, even though those message well might be entirely legitimate. ... How about something like "SSP Exception"? Metaphorically, it works well with the programming use of the word exception. Folks, In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? "SSP exception" works for me, and is better than "suspicious", regardless of capitalization. Cheers, Steve ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[ietf-dkim] Issue 1530 - replace use of term "suspicious"
Jon Callas wrote: Dave Crocker wrote: With the use of language like "suspicious", SSP is making value judgement on messages that do not satisfy SSP's criteria, even though those message well might be entirely legitimate. ... How about something like "SSP Exception"? Metaphorically, it works well with the programming use of the word exception. Folks, In the hope of trying to close some of the "easy" Issues, would folks comment on this specific proposal, or otherwise post comments seeking closure of the Issue? Thanks. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html