Document: draft-ietf-sipping-e2m-sec-reqs-05.txt
Title: "Requirements for End-to-Middle Security for the Session
	Initiation Protocol (SIP)"
Intended Status: informational
Reviewer: Suzanne Woolf
Review Date: 2 February 2004
New item


This document seems to be in pretty good shape to be published as
Informational; it motivates the need for e2m and describes the
characteristics of successful e2m security for SIP.

However, I have some reservations. I may have found it hard to follow
simply because I know little about the underlying protocol. But it may
need to be clarified in several places, e.g. "This requirement is not
necessary when a provider that operates the proxy server does not
permit to reveal the security policies to a different provider that
the recipient UA belongs to." I *think* I know what it means but it
might be clearer to say "This requirement is not necessary when the
provider operating the proxy service does not allow its security
policies to be revealed to the provider serving the recipient UA."