Re: [Masque] WGLC for "Requirements for a MASQUE Protocol to Proxy IP Traffic"
Magnus Westerlund <magnus.westerlund@ericsson.com> Tue, 29 June 2021 10:02 UTC
To: "dschinazi.ietf@gmail.com" <dschinazi.ietf@gmail.com>
CC: "masque@ietf.org" <masque@ietf.org>, "martin.h.duke@gmail.com" <martin.h.duke@gmail.com>, "caw@heapingbits.net" <caw@heapingbits.net>, "achernya@google.com" <achernya@google.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/bZj1qaVRFIdqge9X0kBtjPIScro>
Hi David,

On Mon, 2021-06-28 at 09:36 -0700, David Schinazi wrote:
> Hi Magnus,
>
> Thank you for clarifying *what* you would prefer to see in scope.
> Can you explain *why* you are advocating for those topics?

So the reason I am advocating for additional care in relation to routing information is the fact that a malicious and successful injection of a route into a network can be used as a tool to attack third parties. You could potentially divert traffic to perform other attacks or monitoring for surveillance or information gathering.

And I think the main difference between the network to network VPN case compared to the customer VPN, is that the latter only forwards traffic with a destination of the address/network the MASQUE Server lent to the MASQUE client. That makes the threat model match the leaf node, not a transit or multihomed network which network to network VPN easily creates. And with that change to the threat model the mitigations and security considerations are impacted. Which in turn is what I fear will delay the specification additionally.

Do you think you can write a specification without bringing up the security considerations for the protocol field that carries route prefix information? The requirements document is very clear in Section 3.5 that a protocol mechanism is needed for route negotiation. That negotiation will be used to affect the MASQUE endpoints' routing state. Which in its turn requires the implementation to consider which traffic it should accept.

Yes, there is a trust question here in regards to authenticity and identity of who makes a statement about that authenticity in the request. But it is also a question of what threats are inherent in this mechanism and what each endpoint needs to consider when using this mechanism to safely use it to forward traffic through the tunnel.

> In particular, you seem to be treating the routing table as
> something unique that needs to be handled differently, and I
> don't understand that. Many HTTP methods involve changing
> local state - if I click the Like button on a website, a database
> gets updated somewhere, for example. The routing table is a
> database, and it's unclear to me why it needs to be treated
> differently. It seems absolutely reasonable to have text in the
> security considerations section that states that servers shouldn't
> let unauthenticated clients modify any server databases without
> checks, but it sounds like you're suggesting that the protocol
> solution document be opinionated about trust, and that would
> severely limit the applicability of the protocol - various use-cases
> will have different means of authenticating clients and picking
> policies for what a client is allowed to do, and we cannot preclude
> those.

The routing information carried in a MASQUE specific mechanism that directly impacts what traffic that MASQUE endpoint will forward and what mechanisms will be needed to mitigate threats is the same as any HTTP application. So this is not the same as a general HTTP-using application. The HTTP-using application will have to evaluate the risks with the implemented function in that application, just like I am asking us to carefully consider the impact of the application MASQUE.

And when it comes to authentication mechanism I think for interoperability it will be necessary for the MASQUE application to require something to be mandatory to implement, even if that is the Mandatory to implement by the targeted HTTP versions. However, MASQUE services clearly have similar considerations to TURN servers where the failure to early on consider if one had mechanisms that were suited to the use cases. The issue with TURN was that for example WebRTC services wanted to provision its users with user individual credentials where the TURN services could be a contracted third-party service that supported many WebRTC services concurrently.

But to conclude all I am really expecting is that the security considerations and the mitigations in the MASQUE protocol specification consider the MASQUE application in all its use cases listed in the requirements.

Cheers

Magnus Westerlund
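
The acceptance question raised in the message, as an added example that is not part of the original email or of any MASQUE specification: a tunnel endpoint checks advertised route prefixes against what it lent to the peer (leaf case) plus any prefixes authorized out of band (network-to-network case) before touching routing state, and then filters tunnel traffic by source address. The function names, the policy model and the documentation-range addresses are assumptions.

```python
import ipaddress

def check_route_advertisement(advertised, assigned, authorized=()):
    """Split a peer's advertised prefixes into (accepted, rejected).

    assigned:   prefixes the proxy lent to this peer (leaf / consumer-VPN case).
    authorized: extra prefixes provisioned out of band for this authenticated
                peer (network-to-network case); empty means leaf-only.
    Hypothetical policy model, not taken from any MASQUE document.
    """
    allowed = [ipaddress.ip_network(p) for p in (*assigned, *authorized)]
    accepted, rejected = [], []
    for text in advertised:
        try:
            # strict=True rejects prefixes with host bits set, e.g. 10.0.0.1/8
            net = ipaddress.ip_network(text, strict=True)
        except ValueError:
            rejected.append((text, "malformed prefix"))
            continue
        # Accept only prefixes fully contained in something this peer may claim.
        if any(a.version == net.version and net.subnet_of(a) for a in allowed):
            accepted.append(str(net))
        else:
            rejected.append((text, "outside prefixes allowed for this peer"))
    return accepted, rejected

def may_forward(src, accepted):
    """Ingress filter: forward a tunnel packet only if its source address
    falls inside a prefix that was accepted for this peer."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p) for p in accepted)

# Constructed sample data (RFC 5737 / RFC 3849 documentation ranges).
ASSIGNED = ["192.0.2.17/32", "2001:db8:0:17::/64"]
ADVERTISED = ["192.0.2.17/32", "0.0.0.0/0", "198.51.100.0/24",
              "2001:db8:0:17::/64", "10.0.0.1/8"]

if __name__ == "__main__":
    for label, extra in (("leaf", ()), ("net-to-net", ("198.51.100.0/24",))):
        ok, bad = check_route_advertisement(ADVERTISED, ASSIGNED, extra)
        print(label, "accepted:", ok)
        for prefix, reason in bad:
            print(label, "rejected:", prefix, "-", reason)
```
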