Robustness Principle
Encyclopedia
In computing
, the robustness principle is a general design guideline for software:
The principle is also known as Postel's law, after Internet
pioneer Jon Postel
, who wrote in an early specification of the Transmission Control Protocol
that:
In other words, code that sends commands or data to other machines (or to other programs on the same machine) should conform completely to the specifications, but code that receives input should accept non-conformant input as long as the meaning is clear.
In RFC 3117, Marshall Rose
characterized several deployment problems when applying Postel's principle in the design of a new application protocol. For example, a defective implementation that sends non-conforming messages might be used only with implementations that tolerate those deviations from the specification until, possibly several years later, it is connected with a less tolerant application that rejects its messages. In such a situation, identifying the problem is often difficult, and deploying a solution can be costly. Rose therefore recommended "explicit consistency checks in a protocol ... even if they impose implementation overhead".
Computing
Computing is usually defined as the activity of using and improving computer hardware and software. It is the computer-specific part of information technology...
, the robustness principle is a general design guideline for software:
- Be liberal in what you accept, and conservative in what you send.
The principle is also known as Postel's law, after Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
pioneer Jon Postel
Jon Postel
Jonathan Bruce Postel was an American computer scientist who made many significant contributions to the development of the Internet, particularly with respect to standards...
, who wrote in an early specification of the Transmission Control Protocol
Transmission Control Protocol
The Transmission Control Protocol is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol , and therefore the entire suite is commonly referred to as TCP/IP...
that:
- TCP implementations should follow a general principle of robustness: be conservative in what you do, be liberal in what you accept from others.
In other words, code that sends commands or data to other machines (or to other programs on the same machine) should conform completely to the specifications, but code that receives input should accept non-conformant input as long as the meaning is clear.
Interpretation
RFC 1122 (1989) expanded on Postel's principle by recommending that programmers "assume that the network is filled with malevolent entities that will send in packets designed to have the worst possible effect". Protocols should allow for the addition of new codes for existing fields in future versions of protocols by accepting messages with unknown codes (possibly logging them). Programmers should avoid sending messages with "legal but obscure protocol features" that might expose deficiencies in receivers, and design their code "not just to survive other misbehaving hosts, but also to cooperate to limit the amount of disruption such hosts can cause to the shared communication facility".In RFC 3117, Marshall Rose
Marshall Rose
Marshall T. Rose is a network protocol and software engineer, author and speaker who has contributed to the Internet Engineering Task Force , the Internet, and Internet and network applications. More specifically, he has specialized in:...
characterized several deployment problems when applying Postel's principle in the design of a new application protocol. For example, a defective implementation that sends non-conforming messages might be used only with implementations that tolerate those deviations from the specification until, possibly several years later, it is connected with a less tolerant application that rejects its messages. In such a situation, identifying the problem is often difficult, and deploying a solution can be costly. Rose therefore recommended "explicit consistency checks in a protocol ... even if they impose implementation overhead".
External links
- History of the principle
- Internet Protocol, page 22; J. Postel, IENInternet Experiment NoteAn Internet Experiment Note is a sequentially numbered document in a series of technical publications issued by the participants of the early development work groups that created the precursors of the modern Internet....
111, August 1979.