1. I think there should be something pointing out the limitations of GRUU for obtaining an anonymous contact URI. A temporary GRUU will still reveal the issuing domain, i.e., the domain with which the user registers. For the From URI we specify sip:[EMAIL PROTECTED] (except where SIP Identity is used), but I don't see the point in this if Contact reveals the domain.
2. In section 5.3, I think there should be a statement about sending the SIP request to the relay server. 3. "A user agent generating an anonymous SIP message supporting this specification SHOULD conceal host names in any SIP headers, such as Call-ID and Warning headers, but it is not always regarded as essential privacy-sensitive information." I don't understand what is mean by "not always regarded as essential privacy-sensitive information". Either a host name in such a header field is privacy-sensitive or it is not, so the word "essential" seems redundant. 4. In the Security Considerations section, should there be mention of the fact that a STUN relay server can introduce addition security considerations if the signalling and/or media are not appropriately secured, e.g., using TLS or SRTP? 5. I have a large number of editorial points, which I will submit directly to the author. John _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
