From: Johan Hedberg <johan.hedberg@gmail.com>
To: tim.howes@accenture.com
Cc: Mike.Tsai@Atheros.com, linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH] Adding a new option to specify security level for gatttool
Date: Thu, 18 Nov 2010 14:19:52 +0200 [thread overview]
Message-ID: <20101118121952.GA3609@jh-x301> (raw)
In-Reply-To: <1AFE20D16950C745A2A83986B72E8748011F571E7497@EMEXM3131.dir.svc.accenture.com>
Hi Tim,
Nice to see you on this list! :)
On Wed, Nov 17, 2010, tim.howes@accenture.com wrote:
> > [Mtsai] I am not sure what are the definition of "low", "medium" or
> > "high". By the spec of Core 4.0, LE has 2 security modes and different
> > security levels based on the method of pairing (or bonding). It may be
> > appeal to end user with "low", "medium" and "high" definition, but it
> > can't be reference with LE spec. I would suggest, instead, following
> > terms,
> >
> > "No security",
> > "unauthenticated encryption",
> > "authenticated encryption",
> > "unauthenticated data signing",
> > "authenticated data signing,
>
> To some extent I agree; however, the semantics of such an API would
> have to be careful. A particular profile should not "force" data
> signing because if the link is already encrypted there is little point
> using data signing. So from that point of view exposing a more
> abstract API (a bit like "high") is better. However, it is hard to
> map "high" onto any of the ones you listed (which I agree is a good
> list). So perhaps it is better to have the API semantics as
> "advisory" or "requests" which can be fulfilled by the underlying
> stack in other ways (eg encryption for data-signing).
Something like that will probably be needed, yes. However the idea of
the current command line switch to gatttool is to simply map to the
existing kernel API, and that API only has low, medium and high. So at
least in the short term the patch is fine.
Johan
prev parent reply other threads:[~2010-11-18 12:19 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-16 13:20 [PATCH] Adding a new option to specify security level for gatttool Sheldon Demario
2010-11-16 15:36 ` Johan Hedberg
2010-11-17 14:25 ` Mike Tsai
2010-11-17 15:03 ` tim.howes
2010-11-17 16:57 ` Mike Tsai
2010-11-18 12:19 ` Johan Hedberg [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101118121952.GA3609@jh-x301 \
--to=johan.hedberg@gmail.com \
--cc=Mike.Tsai@Atheros.com \
--cc=linux-bluetooth@vger.kernel.org \
--cc=tim.howes@accenture.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox