Draft:  draft-ietf-sip-target-dialog-03
Reviewer: Spencer Dawkins [spencer@mcsr-labs.org]
Review Date: Tuesday 12/27/2005 3:13 PM CST
LC Date: Jan 3, 2006

Summary: this specification is almost ready for publication as a Proposed 
Standard.

Nit++ ("a little more than a Nit"): I found one sentence that didn't make 
sense, in the Security Considerations section:

  The second condition is that the dialog
   identifiers be cryptographically random that they cannot be guessed.

If this was supposed to be "sufficiently cryptographically random", the 
sentence would make sense, and I would agree with it...

>From http://www3.ietf.org/proceedings/05nov/sip.html (discussion at the 
second IETF 64 SIP session): "Noted by Cullen Jennings & Robert Sparks that 
3261 already recommends the use of crypto-random tag values, but that 
existing implementations do not use enough bits to have sufficient 
randomness. This shows a need for more than rough guidance on this sort of 
thing."

I'm reading the minutes as saying that it might be good to define 
"sufficiently"...