W3C home > Mailing lists > Public > www-jigsaw@w3.org > March to April 2000

Re: Off-topic: Which RFE says: "Be forgiving for incoming data but be strict for outgoing data ?"

From: W Lee Nussbaum <wln@evo.tla.org>
Date: Sun, 2 Apr 2000 05:24:44 -0400 (EDT)
To: Roland Mainz <Roland.Mainz@informatik.med.uni-giessen.de>
cc: W3 Jigsaw Mailinglist <www-jigsaw@w3.org>, W3 libWWW Mailinglist <www-lib@w3.org>
Message-ID: <Pine.GSO.3.96.1000402045458.27011B-100000@evo.tla.org>

Good morning.

Many of them.  The earliest one on-line is 761 (TCP, Jan. 1980 edition).

The phrase appears in RFC 1122 (Requirements for Internet Hosts), s.
1.2.2, as follows: 

1.2.2 Robustness Principle

At every layer of the protocols, there is a general rule whose application
can lead to enormous benefits in robustness and interoperability: 

      "Be liberal in what you accept, and
         conservative in what you send"

The phrase is credited to Jon Postel.  One memorial tribute
includes the following paragraph:

  In many respects, Postel's oft-quoted maxim of robust protocol design,
  "Be conservative in what you do, be liberal in what you accept from
  others," reflects the principles by which he lived, both as a
  professional and as a person.

Security dweeb peeve:

A side note: it is often overlooked that in situations where an entity is
serving as an intermediary actor, that entity's output should qualify as
outgoing data by this principle.  That is, for data which is not opaque to
the intermediary, said intermediary should reject the input if it would
not be unambiguously possible to rewrite it to strictly legal output.
Otherwise, the intermediary is likely to contribute to and perhaps
exacerbate any security or integrity exposures that might exist within the
protocol in question... 

 - Lee

On Sun, 2 Apr 2000, Roland Mainz wrote:

> Date: Sun, 02 Apr 2000 07:43:22 +0200
> From: Roland Mainz <Roland.Mainz@informatik.med.uni-giessen.de>
> To: W3 Jigsaw Mailinglist <www-jigsaw@w3.org>,
>     W3 libWWW Mailinglist <www-lib@w3.org>
> Subject: Off-topic: Which RFE says: "Be forgiving for incoming data but be strict for outgoing data ?"
> Resent-Date: Sun, 2 Apr 2000 00:43:48 -0500 (EST)
> Resent-From: www-jigsaw@w3.org
> Good morning !
> ----
> Sorry for the off-topic question:
> Which RFC says that an application should be "forgiving" for incoming
> data but be "strict" (e..g maxmimum conformance to the "standard") for
> outgoing data ?
> I have to write a small article and like to quote that - but I don't
> like to read ~2000 RFCs first ;-(
> ----
> Bye,
> Roland
> --
>   __ .  . __
>  (o.\ \/ /.o) Roland.Mainz@informatik.med.uni-giessen.de
>   \__\/\/__/  gisburn@informatik.med.uni-giessen.de
>   /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
>  (;O/ \/ \O;) TEL +49 641 99-13193 FAX +49 641 99-41359
Received on Sunday, 2 April 2000 05:25:10 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:41:28 UTC