The Harmful Consequences of the Robustness Principle
draft-iab-protocol-maintenance-04

Document Type Active Internet-Draft
Last updated 2019-11-03
Replaces draft-thomson-postel-was-wrong
Stream IAB
Intended RFC status (None)
Formats plain text xml pdf htmlized bibtex
Stream IAB state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
Network Working Group                                         M. Thomson
Internet-Draft                                                   Mozilla
Intended status: Informational                         November 04, 2019
Expires: May 7, 2020

          The Harmful Consequences of the Robustness Principle
                   draft-iab-protocol-maintenance-04

Abstract

   The robustness principle, often phrased as "be conservative in what
   you send, and liberal in what you accept", has long guided the design
   and implementation of Internet protocols.  The posture this statement
   advocates promotes interoperability in the short term, but can
   negatively affect the protocol ecosystem over time.  For a protocol
   that is actively maintained, the robustness principle can, and
   should, be avoided.

Note to Readers

   Discussion of this document takes place on the Architecture-Discuss
   mailing list (architecture-discuss@ietf.org), which is archived at
   https://mailarchive.ietf.org/arch/browse/architecture-discuss/ [1].

   Source for this draft and an issue tracker can be found at
   https://github.com/intarchboard/protocol-maintenance [2].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 7, 2020.

Thomson                    Expires May 7, 2020                  [Page 1]
Internet-Draft            Protocol Maintenance             November 2019

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Fallibility of Specifications . . . . . . . . . . . . . . . .   3
   3.  Protocol Decay  . . . . . . . . . . . . . . . . . . . . . . .   4
   4.  Ecosystem Effects . . . . . . . . . . . . . . . . . . . . . .   5
   5.  Active Protocol Maintenance . . . . . . . . . . . . . . . . .   6
   6.  Extensibility . . . . . . . . . . . . . . . . . . . . . . . .   8
   7.  Virtuous Intolerance  . . . . . . . . . . . . . . . . . . . .   8
   8.  Exclusion . . . . . . . . . . . . . . . . . . . . . . . . . .   9
   9.  Security Considerations . . . . . . . . . . . . . . . . . . .  10
   10. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  10
   11. References  . . . . . . . . . . . . . . . . . . . . . . . . .  10
     11.1.  Informative References . . . . . . . . . . . . . . . . .  10
     11.2.  URIs . . . . . . . . . . . . . . . . . . . . . . . . . .  12
   Appendix A.  Acknowledgments  . . . . . . . . . . . . . . . . . .  12
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  12

1.  Introduction

   The robustness principle has been hugely influential in shaping the
   design of the Internet.  As stated in IAB RFC 1958 [PRINCIPLES], the
   robustness principle advises to:

      Be strict when sending and tolerant when receiving.
      Implementations must follow specifications precisely when sending
      to the network, and tolerate faulty input from the network.  When
      in doubt, discard faulty input silently, without returning an
      error message unless this is required by the specification.

   This simple statement captures a significant concept in the design of
   interoperable systems.  Many consider the application of the

Thomson                    Expires May 7, 2020                  [Page 2]
Internet-Draft            Protocol Maintenance             November 2019

   robustness principle to be instrumental in the success of the
   Internet as well as the design of interoperable protocols in general.

   Time and experience shows that negative consequences to
   interoperability accumulate over time if implementations apply the
   robustness principle.  This problem originates from an assumption
Show full document text