Content deleted Content added
→References: use default |
→Criticism: fix CS1 error |
||
Line 20:
From 2015 to 2018, in a series of [[Internet-Draft]]s, Martin Thomson argues that Postel's robustness principle actually leads to a ''lack'' of robustness, including security:<ref>{{cite IETF |title=The Harmful Consequences of the Robustness Principle |last=Thomson |first=Martin |date=May 2019 |url=https://tools.ietf.org/html/draft-iab-protocol-maintenance |publisher=[[Internet Engineering Task Force|IETF]] |accessdate=October 4, 2019}}</ref>{{Quote|A flaw can become entrenched as a de facto standard. Any implementation of the protocol is required to replicate the aberrant behavior, or it is not interoperable. This is both a consequence of applying the robustness principle, and a product of a natural reluctance to avoid fatal error conditions. Ensuring interoperability in this environment is often referred to as aiming to be "bug for bug compatible".}}
In 2018, a paper on [[privacy-enhancing technologies]] by Florentin Rochet and Olivier Pereira showed how to exploit Postel's robustness principle inside the [[Tor (anonymity network)|Tor]] [[Onion routing|routing protocol]] to compromise the anonymity of onion services and Tor clients.<ref>{{cite journal | url = https://petsymposium.org/2018/files/papers/issue2/popets-2018-0011.pdf | title = Dropping on the Edge: Flexibility and Traffic Confirmation in Onion Routing Protocols |
== See also ==
| |||