public inbox for linux-bluetooth@vger.kernel.org
From: Marcel Holtmann <marcel@holtmann.org>
To: Bhatt Abhi-ABHATT <ABHISHEK.BHATT@motorola.com>
Cc: Stephen Crane <steve.crane@rococosoft.com>,
	BlueZ Mailing List <bluez-devel@lists.sourceforge.net>
Subject: RE: [Bluez-devel] Service level security for RFCOMM
Date: Fri, 29 Oct 2004 16:47:11 +0200
Message-ID: <1099061231.10164.62.camel@pegasus>
In-Reply-To: <5987A7CB1694D811A04D0002B32C289601BF3BFE@il93exb05.corp.mot.com>

Hi Abhi,

> Service level security is required for JSR-82 like Steve pointed it out. 
> For anyone implementing JSR-82, they would have to add this service level
> security themselves. It would be most useful to have it as part of bluez
> rather than have people implement their own way of it. 

actually you can't implement it in a sane way in userspace, because you
don't have control over the RFCOMM signalling channel.

> Marcel, if you recall, we've exchanged an email regarding service level security. At that point, you had mentioned thinking about a security manager embedded in bluez that would allow it.

This is a little bit different, because this is more basic stuff. You
need to integrate the trigger points of the Bluetooth security mechanism
into the RFCOMM layer. And actually the state machine of RFCOMM is more
complex than the one of L2CAP. For me it is not clear at the moment what
is the best thing to do without breaking anything.

So the question still stands. Should we already force authentication
when the peer sends PN CMD?

> I am currently working on implementing JSR-82 which requires this level 
> of security. If anyone has already implemented or has a good way of doing it,
> please let me know. I would be very interested.

As mentioned above the only way is inside the kernel, because otherwise
you will trigger after the MSC exchange and this is too late.

> Also, currently there is no service level security in l2cap for outgoing
> connections. I would like to know if someone has already taken a stab at it
> and if this should be part of bluez in the future. 

You must convince me that this is really needed and a good idea. For
what kind of application do you wanna use it?

Regards

Marcel




