Searching for a quote

Michael Thomas mike at mtcc.com
Fri Mar 13 07:17:02 UTC 2015


On 03/12/2015 11:52 PM, Eygene Ryabinkin wrote:
> Thu, Mar 12, 2015 at 05:31:54PM -0700, Michael Thomas wrote:
>> Jon Postel. I'm told that it is out of favor these days in protocol-land,
>> from a security standpoint if nothing else.
> The principle has nothing to do with security: it doesn't mean "accept
> all junk that comes in".  It is about interoperability of different
> implementation and means "use the smallest possible subset of the
> protocol when you're sending, but be prepared to accept any subset
> of protocol messages when you're receiving".  Eric Allman's ACM paper,
>    http://cacm.acm.org/magazines/2011/8/114933-the-robustness-principle-reconsidered/fulltext
> is a good reading for this, I believe.

The original principle had little thought toward security, and i was 
there for the row for which Eric's paper was almost certainly inspired by
(started it, actually). In the early days, a lot of people to took it as 
trying very hard to make sense of the broken -- far beyond rfc 2119's
musts and shoulds. A lot of people regret that now for a lot of reasons, 
including security. I still have mixed emotions about abandoning it.

Mike


More information about the NANOG mailing list