子曰，邦有道，危言，危行。邦无道，危行，孙言。 — 论语，十四:三
The Master said, ‘When the Way prevails in the state, speak and act with perilous high-mindedness; when the Way does not prevail, act with perilous high-mindedness but speak with self-effacing diffidence.’ — Analects XIV.3 (Lau)
Confucius expresses not only a prudent guideline for ethical public service, but a principle for designing robust systems across diverse interfaces. Consider The Way prevailing in a trustable system: one you control, or one well established, open and of high quality. In these circumstances it is possible and desirable to do strict validation on subtly incorrect inputs, and to raise exceptions internally without fear of further system failure.
A bureaucracy is an information processing system of communicating agents. At the external endpoints of this system it can, through interfaces, have physical and social effects. Likewise, software is a bureaucracy of automatons. This is especially evident when the software system is decomposed into independently processing agents, as in concurrent or distributed systems. External effects depend on the system: a state may build a road, or put a man in jail; software may fly a plane, or a missile.
Such decoupled or distributed systems then have a non-trivial need for design of the communication protocol itself. This manifests, in traditional bureaucracy, as paper forms. Paper (or equivalent) is now seen as a technological prerequisite for centralized state formation across larger geographic and demographic scales because it is an enabler for efficient central bureaucracy (e.g. the Whitmore chapter on Dai Viet). In the time of Confucius the state ran on more unwieldy scrolls, but the problems of information flow in the state system are shared.
Facing similar problems of information design, Confucius gives similar advice to Jon Postel:
‘TCP implementations should follow a general principle of robustness: be conservative in what you do, be liberal in what you accept from others.’ (RFC 761)
Postel is perhaps more forgiving than Confucius, here. If a program must deal with badly formed inputs, The Way does not prevail in the system. If it tries too hard to be liberal in its interpretation of inputs, rather than logging an error, rejecting or ignoring the input, it is more prone to subversion. One could say the system does not act with perilous high-mindedness in maintaining its internal state.
The langsec group have a variation on the principle which bears even greater similarity: “Be definite about what you accept”. Log an error if you can, they might have added; else speak with self-effacing diffidence.
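The contrast between liberal and definite acceptance, as an added example that is not part of the original post: a hypothetical decimal length field read once by a forgiving parser and once by a recognizer that accepts exactly one stated language, logging and rejecting everything else. The field, the 65535 bound, the function names and the sample inputs are all assumptions made for illustration.

```python
import logging
import re

log = logging.getLogger("definite_input")

MAX_LEN = 65535                      # assumed bound for the hypothetical field
_LENGTH = re.compile(r"[0-9]{1,5}")  # [0-9], unlike \d, is ASCII digits only


def liberal_length(field):
    """Postel-style: make some sense of whatever arrives."""
    try:
        return int(field)  # int() tolerates whitespace, sign, '_', Unicode digits
    except ValueError:
        digits = "".join(ch for ch in field if ch.isdigit())
        return int(digits) if digits else 0  # guess rather than refuse


def definite_length(field):
    """Langsec-style: accept exactly the stated language, else log and reject."""
    if _LENGTH.fullmatch(field) is None:
        log.error("rejected length field %r: not 1-5 ASCII digits", field)
        return None
    if len(field) > 1 and field[0] == "0":
        log.error("rejected length field %r: leading zero", field)
        return None
    value = int(field)
    if value > MAX_LEN:
        log.error("rejected length field %r: exceeds %d", field, MAX_LEN)
        return None
    return value


# Constructed sample inputs; "\uff14\uff12" is "42" written in fullwidth digits.
SAMPLES = ["42", " 42", "+42", "4_2", "\uff14\uff12", "042", "42;7", "99999", ""]


def compare(samples=SAMPLES):
    """Return (input, liberal result, definite result) for each sample."""
    return [(s, liberal_length(s), definite_length(s)) for s in samples]


if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    for field, loose, strict in compare():
        print(f"{field!r:10} liberal={loose!r:6} definite={strict!r}")
```

The liberal parser maps six different spellings to 42 and turns "42;7" into 427, so two components reading the same bytes can disagree about internal state; the definite recognizer has one spelling per value and an error log entry for the rest.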