I actually agree with this. Of course it's easy to dismiss as "just don't make mistakes," but there is a profound lack of simplicity. For example, a security boundary like SSH or a VPN should not have a billion configuration options (or any options, for that matter), some less secure than others. It also shouldn't have any complex negotiating before auth. Receive a fixed-size magic + auth key, validate with small formally verified crypto, and if it doesn't match, drop the connection without any IO or other side effect.
But instead we have protocols where the security boundary represents thousands of pages of specifications, parsing of complex structures in an elevated context, network requests on behalf of untrusted users, logging without input escaping, and a dozen "unused" extensions added by some company in the 1990s to be backwards compatible with their 5-bit EBCDIC machines.