3.3.5.4 Establishing session with anonymous client

When the server receives a request that is destined to a conference GRUU, as specified in [MS-SIPRE] and the From: header in the message is an anonymous URI of the form <username>@anonymous.invalid and the request does not carry either an Authorization or Proxy-Authorization header field, it SHOULD<25> challenge with Digest authentication protocol as described in [RFC3261] section 22.4 with algorithm parameter value of MD5‑sess or SHA256‑sess. For an example, see section 4.5.