andrzej-kaczmarek commented on issue #726: [DO NOT MERGE] host: Don't allow unauth pairing if MITM protection required URL: https://github.com/apache/mynewt-nimble/pull/726#issuecomment-572475553 This is partially correct. We can set our mitm=1 if we either mandate MITM or if we allow to downgrade to mitm=0 and proceed with unauthenticated pairing - this is up to implementation and we do the latter. However, if remote device set mitm=1 we cannot assume that it will not accept pairing without MITM. That said, we either keep current behavior or add some setting to control our MITM policy (either separate setting or just say mitm=2 means we require MITM). I'd say current behavior is ok since in case we have unauthenticated pairing subsequent access to GATT database which requires authenticated key will be rejected or application can simply disconnect link if it does not want unauthenticated link. The relevant test case which verifies this behavior is GAP/SEC/AUT/BV-17-C. It has 2 alternatives depending on mentioned policy of IUT. We now pass this test case because we set IXIT_iut_mandates_mitm=0. After changing the behavior we would need to also adjust this settings in PTS.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
