Re: [Masque] WGLC for "Requirements for a MASQUE Protocol to Proxy IP Traffic"
Mirja Kuehlewind <mirja.kuehlewind@ericsson.com> Wed, 02 June 2021 08:12 UTC
Return-Path: <mirja.kuehlewind@ericsson.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 679E03A3A49 for <masque@ietfa.amsl.com>; Wed, 2 Jun 2021 01:12:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.698, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rIRoYuGSDFRx for <masque@ietfa.amsl.com>; Wed, 2 Jun 2021 01:12:47 -0700 (PDT)
Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-eopbgr80049.outbound.protection.outlook.com [40.107.8.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B9953A3A46 for <masque@ietf.org>; Wed, 2 Jun 2021 01:12:47 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gF24UYz12cmkST3FiuOCTTxXCtWhNgkCCVjLaC+3ncq66DQ45pO60pLhEaAHnXNLlmPvELCtcnQCAJdZOE9a25T/lWBnBtbp00TTmS+Tm8g/kmGH/ChflMA0nmBGrmQNf0lXL1yY/alr59J/kgtI38AD44T8NJcgtAue3V32W91JInqTlq8WMmyJ8iQiAsN78i6PwkbM/8Q6qxuIgMmPWEk38g3SXzRwCQIrOROix4f4/t6jcFbN2mYC4TNyGcOhmf+pEOerzRKq6QFK7CODB8fsOd3oR1Sm0JNVAUVgq+3niSXPhE4PuANiXhHKuCru7aIBWkLS1V+o2f/sMZZARQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+B4lGX/YaRnrDPBG5GYEo3znLKBrcpjPnnbXJ5Fdxp4=; b=EiVmB6Zeo4dn554PIKXhnYkQP0U+ZQLiyXMt+68Z3Hh43EgXoCCXR0nUpNdSFV9jJeNR4U+ICUDVMVSXLlNdp52Jnboz3OQDxhAgyeYv2C8zfTdGDOXgE0ehANtFV7m69iTnbNS2LPn5p+QkQ+FhtOsyI4ncrzgW1LgNO3kRb9sh6iTw1DTFPthu9hNoMDfMFukkzTFnRqpfTNw6x2JH7e87AfZfHY2qNkGvPDCUH/jNdR0LP+CIklg+wEYTRxhq08t582VuIQKgRwc/W4SOycWRu/qTSvhNZJ+aOQMiRmVwZrOb03V8YDCVbhTxH0aP0VXE7uG4XA8OYcafzxS+2g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+B4lGX/YaRnrDPBG5GYEo3znLKBrcpjPnnbXJ5Fdxp4=; b=JazabIWLZrr2nam5P1M/EgHP+DoEl2qZH18LsIQ/1EhY5bbZo079YC5Y52JXf5EY6ErVJMzss064xsT5NbncAwjSwzidMlB6Dlp5/tm2HUB5+2REe50bq7dU3BOzodH0h00U/mk8vOn1ZKMaRZ3xwlOxLZaHEwmRuoxCN1Rm09k=
Received: from AM0PR07MB3939.eurprd07.prod.outlook.com (2603:10a6:208:40::14) by AM4PR07MB3443.eurprd07.prod.outlook.com (2603:10a6:205:b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4195.14; Wed, 2 Jun 2021 08:12:42 +0000
Received: from AM0PR07MB3939.eurprd07.prod.outlook.com ([fe80::f5b3:5946:19c5:d8b8]) by AM0PR07MB3939.eurprd07.prod.outlook.com ([fe80::f5b3:5946:19c5:d8b8%6]) with mapi id 15.20.4195.017; Wed, 2 Jun 2021 08:12:42 +0000
From: Mirja Kuehlewind <mirja.kuehlewind@ericsson.com>
To: Magnus Westerlund <magnus.westerlund=40ericsson.com@dmarc.ietf.org>, "caw@heapingbits.net" <caw@heapingbits.net>, "masque@ietf.org" <masque@ietf.org>
Thread-Topic: [Masque] WGLC for "Requirements for a MASQUE Protocol to Proxy IP Traffic"
Thread-Index: AQHXUjxAc1w48JtpZUu5xzx5r++lLqr9wLWAgALKd4A=
Date: Wed, 02 Jun 2021 08:12:42 +0000
Message-ID: <746F7E16-37BD-49EF-896A-649D394CCB05@ericsson.com>
References: <d314198b-6c01-4b15-84d8-9896b5fdee80@www.fastmail.com> <HE1PR0702MB3772355483E2771650C6D679953F9@HE1PR0702MB3772.eurprd07.prod.outlook.com>
In-Reply-To: <HE1PR0702MB3772355483E2771650C6D679953F9@HE1PR0702MB3772.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.48.21041102
authentication-results: dmarc.ietf.org; dkim=none (message not signed) header.d=none;dmarc.ietf.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [2003:de:e720:6a00:4d28:b444:6ec9:8322]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5253d5bb-b377-49dc-b416-08d9259e323d
x-ms-traffictypediagnostic: AM4PR07MB3443:
x-microsoft-antispam-prvs: <AM4PR07MB34433AEF429623E9D527396CF43D9@AM4PR07MB3443.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: LpAmwqdpk0ps2Q81CvdAO7avHFTCbpL1dYLuBODHaMs4L1taaNfv5DRlKxppivoqUcrWmzUpbGdJa2T1D04aieJ0KgZIGeJw6lCwmTZaXJaVlNk4fhi5GSesSrm8Lc0xIhWYS2J1/lrCW4d1OgrYVQpnqpTycBZb62DoN8MuMG3LIQp7yc1+x41VEDEN/qlVcuODoLZ+yEdB8z43ktxvRyFhBtWN6YES1Yy2IhT0zkZ0/5N2ggkMaFF2dT4in7sBiKZjNuz8WtZRrw96wDXiDJzh5z8N5yCAJpE/Kzp5kqX9ousHjKTsJUYC9ds5iW+hKeBUgqV5QqKGA5hIApvp81beGQPD0JttuPjZROHAKr6FB7bh+dQjRCpxLVgWFkBXqWZ00Ig9xUbLlkWP+ZKghLaQIxgvFYnXyGn/NrItF4S7n3o3SDUuyPGaj1qQx/7/p/gou3VU6nygP3g4NRV4NS47b+vwKZCI7QcXrNu7meT7ygmCKf8qRNooGD0Ts7LlL4RUv5cLoiWbzqKmUIPocNPGa767fQs8IldsUyI7OVd9KOX/veRm+2Hu4+4dDjYeIwTElQtC/gFwFffloCTinEcpeX350lSiKBOMNcA3hzaVAtuKbfQr8uwMxCYaeAnlwfExgVeNuiC6p+Wip0EOKMWcq9zXNf1KGyCoqfBpo+Y=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB3939.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(376002)(396003)(346002)(366004)(39860400002)(136003)(44832011)(36756003)(8936002)(6486002)(2616005)(8676002)(122000001)(33656002)(110136005)(5660300002)(478600001)(38100700002)(316002)(2906002)(91956017)(66476007)(76116006)(186003)(64756008)(66446008)(71200400001)(83380400001)(66946007)(6512007)(86362001)(66556008)(6506007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 2g3neH6HkKkud+A3Q2jqz9pGcQN1k3pRi9/nP4XPqKtgnFQzt1Uvy7aAwr88zGR62Acm1PxhaAnPIyJZSUL7mLwU5xvnQx5sTPsyJxUoe83MiRXT1betf+lH0AjyvdtBVHQqN2Z66cjew8wLJ0rO5ejE471rPq//i6HQKCU/qcYTBgG17VUyUCIBxTObL5RDag7ktrZO+Tuc14Jv3cUUS2XELTB6O+HId0FdDpg9qS0Dqv7qfgpHo9LqerM/+bct6RVFiBHyoz1NlaUdypeQhxJ2hwR5uooXASk8QPNiR4Qw9yKhKcU6ilUnhIU1e2MJk56t9LeL9cy3THgbnyaYfJHuMuhIBbMU0uSfsZkTbIjsM68xSsJOy8bbXBl/ZV0J/4Qtr8maX9egTG/5P9pbEf40+tnyS8HaqFMMDgVazeBzq/90id3M9N9EzkAD+wGRf1cUziUuAUtuFd9uSVVEmElGckBG8tuG+fpiCbPxCH2ed7LmuxbUjUUIWGNKhoLmWGhig9HgXNWw4TgbX07lk1IUjU51OToPL/wfYnSWNP19a9FOTZhsUZlxmMR9EkA2gYOLJGwAlSUXsqQACazOnpHvsR+6VhdPkrSrzGw8HyYrVpCEtAs+q8Ck9i5LZzMy2FK3gj6h/7/emPwXYCMGLbPjkPGqgrFXG7CNnMLwL0y8BNlTaD5ihj4o1PWXL4Dw4EgTmwpK4JtGgQxyYxGQzThRq5wwGoQAL8VQ901fHdlLLZ5lU8hBakcEKmKgMnQa9k6obPXed7ZTZccJzbeMRD7pwCYF00KS7KJDDTbBxfneiBX7doTnNmMxstITaEBAmlCkHdo+R1gDds6X9v7TF8nl83qIDSGXUeli94bcWuGYY0DSBa2LAhfIqs7kHSyfGSfTN04gh7+tJs7HA9tZnsNW2Ob5QoNX7Y8HhfK8xPrRhzD027VkWdW4MgUNPrDdHpqQEpe3726YPgOqmgCaOOAQg4Rx5ZHtMsRMK4wLHzdsP9C8mYWY/Gvaj+wZFtj96h74dzUvOdI5yUeeuH4gbepR5/OKWGOx6xSgsxWxVzftJx4e756ZSK6jM9Z5qkO4wuGOn/HgskL0rhBuAOAzHkfElqGwIXl8f7iS2hmUtbZBsq5AnnaNkMuXowqcevLWLczeOSQZgvDO28BWqqUhL8rRy2h5N53KN06TO6MhSIpcDStBDrjj/4jcT7A7tjThA6XsFQNckKEzzGNLDYAIzrKaszGU7/wfJhkmVdpDZaDOgg5aQhMfkdCYWrCxPSdJUdXt5D3LK8zDZtCahHIUzmfNrHYPK6tVkFHHrOY/pqVmy4wIvWEsUqjx0u+9sToXEcpXlhTUrjkvW9fsaZ9tX/iKC/lu/feCJiVGF3FmlmpUQBkNcEWjfy9bxuTRImrYeC20O3PgV9R+mG73gNgDzg==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <62CA270C50492045819D04219972590A@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR07MB3939.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 5253d5bb-b377-49dc-b416-08d9259e323d
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jun 2021 08:12:42.6481 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: zfCNvEY4F8wQ2zlDA5EyPs5xSRuoLqAa8UD1qSv6dik65xAC3gxz81B2ziryeP0g1twRsQARCtkfHcjgw3o49Sh2r1BeXQbc9a9dYXdU6lw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR07MB3443
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/h1OcHwVF2W7EIRXBaMA-iLAw3Iw>
Subject: Re: [Masque] WGLC for "Requirements for a MASQUE Protocol to Proxy IP Traffic"
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Jun 2021 08:12:54 -0000
Hi all, I think I already made my points a couple of times but for the record: I agree with the points raised by Magnus below. I don't think the drafts is clear about all requirements and especially about the question which things are part of the core document and which things might only be needed by one potential use case. I think the document served its purpose by creating discussion but I don't feel we have reached consensus on all points. However, I also don't think spending more time on the requirements is a useful exercise and I would prefer to move on to work on the protocol (even without final consensus on the requirements). Mirja On 31.05.21, 17:35, "Masque on behalf of Magnus Westerlund" <masque-bounces@ietf.org on behalf of magnus.westerlund=40ericsson.com@dmarc.ietf.org> wrote: Hi, I have reviewed the document -02). I have some detailed comments below but first I have a very high level comment about this document. I think it is a mistake to attempt to declare a WG consensus on this requirement document. I do believe this document contains valuable things to consider. However, I do not agree on how it is formulated or what requirements level it puts on things or what it means. An example where I see a significant issue with how we interpret things would be this from Section 2. "This section discusses some examples of use cases that MUST be supported by the protocol. Note that while the protocol needs to support these use cases, the protocol elements that allow them may be optional." I think this MUST is quite meaningless in the context of the next sentence. For example I am of the opinion that the protocol should not be required to support use case 2.4, however I have no issue with the proponents for that use case develop an extension. The reason I think it should be an extension in an individual document is that in this use case one can assume much less about routing, source address validation, and the trust issues for that information looks different. So what does it mean that the protocol MUST support 2.4 if that is in an extension? Then it is not necessary for it to support and thus not a MUST. This is just one example and I point out more things where I am not agreeing on how the requirement is formulated below. I think it is better for the WG that we avoid declaring consensus on the requirement document (which we anyway not intended to published) and instead use it as a reminder of use cases and functionality and then dive into solution that covers these. We can discuss in the context of the solution if it is necessary or not to have a particular feature that enables a particular use cases in the core spec or in a extension. Section 2.4: I think this use cases is quite special as it is the one that requires the MASQUE Server to trust the MASQUE client statements of what networks and routes it has. In 2.1-2.3 the MASQUE client will be a node in a network provisioned by the MASQUE server. For information purpose the MASQUE server can inform the client what routes exists from this network. In most cases this network will have a default route to the rest. In some cases, like 2.3 it might be specifically intended to reach a particular network(s). Also when the masque server deals with that the client presents an address range that isn't borrowed from the MASQUE server, then also there are questions about routing loops, return routability and ownership of that address space. Thus the considerations for this use case are significantly more complex and this is the reasons I argue that this should be a separate document so that it can be progressed as it matures and the core don't need to wait for these issues to be sorted out. Section 3.9: I think this requirements more advanced parts really are associated primarily with use case 2.4. So providing a single IP address or a part of a prefix for a network that is treated as one across is this really route information, or reachability from this network? Section 3.9: I am not certain I understand what it actually referred to with "Both endpoints can also request a route to a given prefix, and the peer can choose to provide that route or not." Is it a request to add a route to the specified prefix via the requesting MASQUE endpoint or the reverse of please provide a route to the given prefix? Section 3.6: "Note that this requirement does not cover authenticating the identifier." Do I understand this text to say that the protocol should be able to carry the ID, but not need to enable a trust structure to verify the ownership of that identifier? But, I would guess that it is assumed that the transport of said identifier will be done so no third party can modify it per Section 3.7. Isn't this requirement in contradiction of IETF general desire to mandate at least one secure method for operating the protocol? Thus, it would be fine to have a general mechanism for providing identifier or the remote endpoints identity, however one mandatory to implement solution for this should be provided. The reason I am asking here is that in many usage of a secured tunnel require the endpoint to identify itself. Section 3.8: Is this really a requirement, or a desired capability from the underlying transport to reduce the overhead? When using QUIC with datagram one have the possibility to move the bottleneck from the forwarding on the sending side not keeping up and having to drop packets to have the receiving endpoint not keep up in its forwarding and therefore drop packets. But, clearly it will reduce the overhead for operation when datagram is available. But, clearly the MASQUE implementation need to work also when HTTP/3 is not available. Thus, an implementation needs to have support for flow controlled traffic, and I guess this requirement intended to say that it also needs to support when flow control is not available. Section 5.1: This document only describes the requirements for a protocol that allows IP proxying. It does not discuss how the IPs assigned are determined, managed, or translated. While these details are important for producing a functional system, they do not need to be handled by the protocol beyond the ability to convey those assignments. I would claim that the use case implies that certain address architecture needs to be supported. I think not being specific about that actually makes it harder to validate that the protocol actually supports the intended use cases. I think the discussion we have had so far would have benefitted from actually drawing examples of cases that people desire to support. I don't think they are particular many. However, especially the network to network use case discussion would have benefitted from some examples of intended deployments. To conclude I don't think this document is ready declare any form of WG consensus on. Cheers Magnus Westerlund
- [Masque] WGLC for "Requirements for a MASQUE Prot… Christopher Wood
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Mirja Kuehlewind
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Eric Rescorla
- Re: [Masque] WGLC for "Requirements for a MASQUE … Töma Gavrichenkov
- Re: [Masque] WGLC for "Requirements for a MASQUE … Jana Iyengar
- Re: [Masque] WGLC for "Requirements for a MASQUE … Martin Thomson
- Re: [Masque] WGLC for "Requirements for a MASQUE … Mirja Kuehlewind
- Re: [Masque] WGLC for "Requirements for a MASQUE … Mirja Kuehlewind
- Re: [Masque] WGLC for "Requirements for a MASQUE … Töma Gavrichenkov
- Re: [Masque] WGLC for "Requirements for a MASQUE … Alex Chernyakhovsky
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Christopher Wood
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Eric Rescorla
- Re: [Masque] WGLC for "Requirements for a MASQUE … Alex Chernyakhovsky
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Spencer Dawkins at IETF
- Re: [Masque] WGLC for "Requirements for a MASQUE … Martin Duke
- Re: [Masque] WGLC for "Requirements for a MASQUE … Martin Duke
- Re: [Masque] WGLC for "Requirements for a MASQUE … Alex Chernyakhovsky
- Re: [Masque] WGLC for "Requirements for a MASQUE … Christopher Wood
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Spencer Dawkins at IETF
- Re: [Masque] WGLC for "Requirements for a MASQUE … Mark Nottingham
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Spencer Dawkins at IETF
- Re: [Masque] WGLC for "Requirements for a MASQUE … Chris Box
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Chris Box
- Re: [Masque] WGLC for "Requirements for a MASQUE … Spencer Dawkins at IETF
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Spencer Dawkins at IETF
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … David Schinazi
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Alex Chernyakhovsky
- Re: [Masque] WGLC for "Requirements for a MASQUE … Magnus Westerlund
- Re: [Masque] WGLC for "Requirements for a MASQUE … Eric Kinnear