This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
A Patch for Postel's Robustness Principle
March/April 2012 (vol. 10 no. 2)
pp. 87-91
Len Sassaman, Katholieke Universiteit Leuven
Sergey Bratus, Dartmouth College
Jon Postel's Robustness Principle played a fundamental role in how Internet protocols were designed and implemented. Its influence went far beyond direct application by Internet Engineering Task Force (IETF) designers, as generations of programmers learned from examples of the protocols and server implementations it had shaped. However, the authors argue that its misinterpretations were also responsible for the proliferation of Internet insecurity.

1. D. Geer, "Vulnerable Compliance," ;login:, vol. 35, no. 6, 2010, pp. 26–30; http://db.usenix.org/publications/login/ 2010-12/pdfsgeer.pdf.
2. L. Sassaman and M.L. Patterson, "Exploiting a Forest with Trees," Black Hat USA, Aug. 2010; http:/langsec.org.
3. R. Braden ed., Requirements for Internet Hosts—Communication Layers, IETF RFC 1122, Oct. 1989; http://tools.ietf.org/htmlrfc1122.
4. S. Bratus and T. Goodspeed, "How I Misunderstood Digital Radio," submitted for publication to Phrack 68.
5. L. Sassaman et al., "The Halting Problems of Network Stack Insecurity," ;login:, vol. 36, no. 6, 2011, pp. 22–32; www.usenix.org/publications/login/2011-12/ openpdfsSassaman.pdf.
6. L. Sassaman et al., Security Applications of Formal Language Theory, tech. report TR2011-709, Computer Science Dept., Dartmouth College, 25 Nov. 2011; http://langsec.org/paperslangsec-tr.pdf.
7. S. Bratus et al., "Exploit Programming: From Buffer Overflows to 'Weird Machines' and Theory of Computation," ;login:, vol. 36, no. 6, 2011, pp. 13–21.
8. J. Postel ed., DoD Standard Transmission Control Protocol, IETF RFC 761, Jan. 1980; http://tools.ietf.org/htmlrfc761.
9. E. Allman, "The Robustness Principle Reconsidered: Seeking a Middle Ground," ACM Queue,22 June 2011; http://queue.acm.orgdetail.cfm?id=1999945 .

Index Terms:
Postel's principle, robustness, Halting Problem computational power
Citation:
Len Sassaman, Meredith L. Patterson, Sergey Bratus, "A Patch for Postel's Robustness Principle," IEEE Security & Privacy, vol. 10, no. 2, pp. 87-91, March-April 2012, doi:10.1109/MSP.2012.31
Usage of this product signifies your acceptance of the Terms of Use.