(The discussion seems to have settled on ietf@, so I'm sticking to that. Thanks to everyone who contributed to the now 70+ emails in my inbox. Having to sleep while people are at work has that effect. I'll try to respond to the main points, and to hell with my Narten score for this week.) Though I think that I disagree with Deborah (and I'll explain why below), I think that her suggested title goes some way to capture the intent of this effort. Yes, this is intended to deprecate the robustness principle. To my mind, the meme that the robustness principle engendered is more of a problem than its application. As Warren suggests, this is not an ideal, but a principle to be applied with due consideration, but that lesson gets lost. In the time I've been doing the protocol-y thing and engineering more broadly, I've seen the principle abused more than it is applied with that sort of awareness. To that end - and to Brian's request for a softening of the language - it's important to have a strong title. I appreciate that this is less principled and more about marketing, but I won't apologize for that. As Henning points out (and Barry also), application of the robustness principle results in technical debt. I did consider using the phrase "technical debt" in the draft, but was unsure whether that term was well enough understood. More seriously, "technical debt" has baggage that could be problematic in this context. It's almost exactly the right concept - projects routinely take on technical debt in the process of getting stuff shipped and that is more or less what the robustness principle recommends. As Matthew points out, we probably wouldn't have an Internet without it. But the scale is different. Individual implementations or deployments might be the ones to make the decision, but the cost of that decision can transfer to the entire protocol community. If it were the decision of a protocol community to take on that debt, it would be less of a problem, but decisions are made by a few with fairly serious externalities. Randy's anecdote about technical debt in SNMP was a good one. Robert Sparks had a similar experience with SIP that we've discussed previously. In these cases, the problem was eventually solved, but it wasn't cheap or fast. Mark Andrews' example about DNS flag day shows that it doesn't have to be too expensive, but perhaps that you do have to be a little aggressive to get results. Which comes to the Deborah's suggestion that this advocates for "forklifts". I don't know how deploying patches turns into "forklifts". Protocol changes don't necessarily imply big product changes. What is relevant is time. In a mail to the IAB, Stephen pointed out that the timescales on which changes can be made are highly relevant and that the document might be read as implying software update on the same timeframe as a browser might be updated. While I firmly believe that software needs to be more responsive, in part because that is critical for security, I realize that some deployments are highly constrained in the pace at which fixes can be deployed. In those environments it is appealing to have workarounds deployed rather than to find and agree upon systemic fixes. The document could probably recognize constraints on deployment timelines better, but I don't think it invalidates the central argument. As an aside, I've had the experience of meeting someone responsible a bug that our team spent weeks building and deploying workarounds for. We quickly established that they were unaware of the problem, willing to fix it, and able to do so more effectively than we were. It was intensely frustrating. Several people attributed this sort of problem to incompetence/laziness, but I would never suggest that. As both Tony and Adam were careful to point out, the reasons a bug manifests is not explained so trivially. Christian pointed out that "modern" protocols are being better at defining error handling paths in an attempt to close off those opportunities for applications of the robustness principle. (And yes, we have people being more strict.) This misses what is, I think, the most positive change in how we build protocols. Holes in specifications are being addressed collaboratively because people are talking to each other and because people are willing to make changes in implementations or specifications as appropriate. That's not especially new (thanks again for the SNMP example Randy), but it is worth recognizing. Brian lamented the unconstrained extensibility in CBOR, which I suggest is something that he should take up with the groups that are working on the protocol(s) he is talking about. Even the idea that you might just go off and robustness principle the protocol until it works right is the whole reason I wrote this draft. Christian also mentions IP extension headers and Henning multipart in SIP as potential counterexamples. Cases where the spec is clear, but the implementations refuse to comply. We've plenty of experience with this on the web also. The remedy Henning suggests (have the community declare the feature dead and move on) is in my opinion the best thing to do; it's what CSS did and it worked out well, but it took ages to deal with the fallout. Again, it took an active community with a shared understanding of the goals. I'm very appreciative of the feedback you have all given on the draft.