Robustness principle — Safekipedia Discoverer

In computing, the robustness principle is an important idea for making software strong and flexible. It says: "be conservative in what you do, be liberal in what you accept from others." This means that when a program sends information, it should follow the rules perfectly. But when it receives information, it should try to understand messages that don’t follow the rules exactly, as long as the meaning is still clear.

The principle is also called Postel's law, named after Jon Postel. He used these words in an early description of TCP, a system that helps computers talk to each other.

For programmers, this idea helps make programs work well together. It is often described as being contravariant in the input type and covariant in the output type, which helps create compatible functions. This way, different pieces of software can communicate better and avoid problems.

Interpretation

The idea behind the robustness principle was first written down by Jon Postel in 1979 when describing how the IPv4 network should work. Later, in 1989, Bob Braden suggested that programmers should think about how to handle messages that might not follow the rules perfectly.

Programs that send information should follow the rules exactly, but programs that receive information should be flexible. They should accept messages that don’t follow the rules perfectly as long as the meaning is still clear. This helps keep communication smooth even when some parts don’t work exactly right.

Criticism

In 2001, Marshall Rose pointed out some problems when using Postel's principle in creating new application protocols. For example, a program that sends messages not following the rules might work fine with other programs that are lenient, but later when it connects with a stricter program, the messages might get rejected. Finding and fixing these issues can be difficult and expensive. Rose suggested checking messages carefully, even if it makes the program more complex.

In 2018, a paper on privacy technologies showed how the principle could be used to weaken the privacy of certain online services.

In 2023, Martin Thomson and David Schinazi argued that Postel's principle can actually make systems less secure. They said that when programs are too lenient, mistakes can become standard, and all programs must copy these mistakes to work together. This makes it hard to fix problems because every program needs to act the same, even if it’s wrong.