It's been 20 years today (Oct 16, UTC). Hard to believe.

Michael Thomas mike at
Wed Oct 17 02:35:24 UTC 2018

I believe that the IETF party line these days is that Postel was wrong 
on this point. Security is one consideration, but there are others.


On 10/16/2018 07:18 PM, bzs at wrote:
> What it's trying to say is that you have control over your own code
> but not others', in general.
> So make your own code (etc) robust and forgiving since you can't edit
> others' code to conform to your own understanding of what they should
> be sending you.
> I suppose that pre-dates github but nonetheless much of the code which
> generates bits flung at you is proprietary and otherwise out of your
> control but what you can control is your code's reaction to it.
> And of course the bits you generate which should try to make
> conservative assumptions about what they might accept and interpret as
> you expect.
> For example just because they sent you a seemingly malformed HTTP
> request, and given that 4xx is for error codes, doesn't mean you
> should return "420 You must be high!" and expect to be understood.

More information about the NANOG mailing list