W3C home > Mailing lists > Public > public-web-bluetooth-log@w3.org > January 2017

Re: [web-bluetooth] Provide an option to bond device before connecting to device

From: Emill via GitHub <sysbot+gh@w3.org>
Date: Sat, 28 Jan 2017 02:34:23 +0000
To: public-web-bluetooth-log@w3.org
Message-ID: <issue_comment.created-275821326-1485570862-sysbot+gh@w3.org>
Not that I'm really a fan of Apple's principles, but Apple seems to 
like the idea to pair on demand rather than upon connection start. See
 
https://developer.apple.com/hardwaredrivers/BluetoothDesignGuidelines.pdf,
 paragraph 3.9, page 23:

> The accessory should not request pairing until an ATT request is 
rejected using the Insufficient Authentication error code. See the 
Bluetooth 4.0 specification, Volume 3, Part F, Section 4 for details.

> If, for security reasons, the accessory requires a bonded 
relationship with the Central, the Peripheral should reject the ATT 
request using the Insufficient Authentication error code, as 
appropriate. As a result, the Apple product may proceed with the 
necessary security procedures.

> Similarly, if the iOS device acts as a Central and a GATT server, it
 may reject an ATT request using the Insufficient Authentication error
 code. The accessory should initiate the security procedure for 
pairing in response.

-- 
GitHub Notification of comment by Emill
Please view or discuss this issue at 
https://github.com/WebBluetoothCG/web-bluetooth/issues/346#issuecomment-275821326
 using your GitHub account
Received on Saturday, 28 January 2017 02:34:29 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 28 January 2017 02:34:30 UTC