nanog mailing list archives
Re: Searching for a quote
From: Michael Thomas <mike () mtcc com>
Date: Fri, 13 Mar 2015 00:17:02 -0700
On 03/12/2015 11:52 PM, Eygene Ryabinkin wrote:
Thu, Mar 12, 2015 at 05:31:54PM -0700, Michael Thomas wrote:Jon Postel. I'm told that it is out of favor these days in protocol-land, from a security standpoint if nothing else.The principle has nothing to do with security: it doesn't mean "accept all junk that comes in". It is about interoperability of different implementation and means "use the smallest possible subset of the protocol when you're sending, but be prepared to accept any subset of protocol messages when you're receiving". Eric Allman's ACM paper, http://cacm.acm.org/magazines/2011/8/114933-the-robustness-principle-reconsidered/fulltext is a good reading for this, I believe.
The original principle had little thought toward security, and i was there for the row for which Eric's paper was almost certainly inspired by (started it, actually). In the early days, a lot of people to took it as trying very hard to make sense of the broken -- far beyond rfc 2119's musts and shoulds. A lot of people regret that now for a lot of reasons, including security. I still have mixed emotions about abandoning it.
Mike
Current thread:
- Re: Searching for a quote, (continued)
- Re: Searching for a quote Tom Paseka (Mar 12)
- Re: Searching for a quote Miles Fidelman (Mar 12)
- Re: Searching for a quote Jason Iannone (Mar 12)
- Re: Searching for a quote Michael Thomas (Mar 12)
- Re: Searching for a quote manning bill (Mar 12)
- Re: Searching for a quote Matthew Petach (Mar 15)
- RE: Searching for a quote Keith Medcalf (Mar 12)
- Re: Searching for a quote Stephen Satchell (Mar 13)
- Re: Searching for a quote Karl Auer (Mar 13)
- Message not available
- Re: Searching for a quote Larry Sheldon (Mar 14)
- Re: Searching for a quote Miles Fidelman (Mar 12)
- Re: Searching for a quote Tom Paseka (Mar 12)
- Message not available
- Re: Searching for a quote Michael Thomas (Mar 13)
- Re: Searching for a quote Dave Taht (Mar 12)
- Re: Searching for a quote Rich Kulawiec (Mar 12)
- Re: Searching for a quote Jason Iannone (Mar 12)
- Re: Searching for a quote Barney Wolff (Mar 12)
- Re: Searching for a quote Patrick W. Gilmore (Mar 12)