Re: [web-bluetooth] Feature Request: Enhance Security by Sending Domain as Meta-data (#435) from Vincent Scheib via GitHub on 2019-05-03 (public-web-bluetooth-log@w3.org from May 2019)

From: Vincent Scheib via GitHub <sysbot+gh@w3.org>
Date: Fri, 03 May 2019 22:02:38 +0000
To: public-web-bluetooth-log@w3.org
Message-ID: <issue_comment.created-489253806-1556920957-sysbot+gh@w3.org>

Put another way, the responsibility to secure the communication between a domain and device from the same manufacturer is left at a higher level than Bluetooth, or Web Bluetooth.  E.g. if a device manufacturer desires to have devices only accept signed firmware updates then they implement logic to validate this at a higher level.  That would be agnostic to browsers and Web Bluetooth.

Nordic Device Firmware Update process is one example.  I'm privately aware of another manufacturer who I believe used https://en.wikipedia.org/wiki/Advanced_Encryption_Standard for sensitive data writes.

-- 
GitHub Notification of comment by scheib
Please view or discuss this issue at https://github.com/WebBluetoothCG/web-bluetooth/issues/435#issuecomment-489253806 using your GitHub account

Received on Friday, 3 May 2019 22:02:40 UTC