Content deleted Content added
Tags: Reverted Visual edit |
m Reverted 1 edit by 199.249.109.189 (talk) to last revision by The Anome |
||
Line 12:
== Criticism ==
In 2001, [[Marshall Rose]] characterized several deployment problems when applying Postel's principle in the design of a new application protocol.<ref>{{cite IETF |title=On the Design of Application Protocols |rfc=3117 |last=Rose |first=M. |author-link=Marshall Rose |date=November 2001 |publisher=[[Internet Engineering Task Force|IETF]] |access-date=June 9, 2014}}</ref> For example, a defective implementation that sends non-conforming messages might be used only with implementations that tolerate those deviations from the specification until, possibly several years later, it is connected with a less tolerant application that rejects its messages. In such a situation, identifying the problem is often difficult, and deploying a solution can be costly. Rose therefore recommended "explicit consistency checks in a protocol ... even if they impose implementation overhead".
From 2015 to 2018, in a series of [[Internet Draft]]s, Martin Thomson argues that Postel's robustness principle actually leads to a ''lack'' of robustness, including security:<ref>{{cite IETF |title=The Harmful Consequences of the Robustness Principle |last=Thomson |first=Martin |date=May 2019 |url=https://tools.ietf.org/html/draft-iab-protocol-maintenance |publisher=[[Internet Engineering Task Force|IETF]] |access-date=October 4, 2019}}</ref>{{Quote|A flaw can become entrenched as a de facto standard. Any implementation of the protocol is required to replicate the aberrant behavior, or it is not interoperable. This is both a consequence of applying the robustness principle, and a product of a natural reluctance to avoid fatal error conditions. Ensuring interoperability in this environment is often referred to as aiming to be "[[Bug compatibility|bug for bug compatible]]".}}
| |||