It's been 20 years today (Oct 16, UTC). Hard to believe.

Michael Thomas mike at
Wed Oct 17 20:45:53 UTC 2018

On 10/17/2018 12:43 PM, Florian Weimer wrote:
> * Laszlo Hanyecz:
>> On 2018-10-17 02:35, Michael Thomas wrote:
>>> I believe that the IETF party line these days is that Postel was wrong
>>> on this point. Security is one consideration, but there are others.
>> Postel's maxim also allowed extensibility.  If our network code rejects
>> (or crashes) on things we don't currently understand and use, it ensures
>> that they can't be used by apps that come along later either.  The
>> attitude of rejecting everything in the name of security is what has
>> forced app developers to tunnel APIs and everything else inside HTTP/DNS.

Let's be clear: crashing is a software bug. It has nothing to do with 

On the extensibility part, that is for the protocol itself to define, 
and it should be explicit. If the protocol says to reject, then you must 
reject. I'm not sure if extensibility one of the global protocol check 
offs, but it certainly should be part of any stander.

> To be fair, a lot of these components that make extending protocols
> hard are both receivers and senders.  If they are asked to forward
> garbage, then something has to give.

Yes, the protocol should tell you what to do. If it doesn't, its deficient.


More information about the NANOG mailing list