On Fri, 2010-08-27 at 15:26 +0300, Waldemar.Rymarkiewicz@xxxxxxxxx wrote: > Hi, > > >-----Original Message----- > >From: Bastien Nocera [mailto:hadess@xxxxxxxxxx] > >Sent: Friday, August 27, 2010 2:12 PM > >To: Rymarkiewicz Waldemar > >Cc: linux-bluetooth@xxxxxxxxxxxxxxx; > >par-gunnar.p.hjalmdahl@xxxxxxxxxxxxxx; > >joakim.xj.ceder@xxxxxxxxxxxxxx; johan.hedberg@xxxxxxxxx > >Subject: Re: [PATCH] BT_SECURITY_HIGH requires 16 digit pin code > > > >On Fri, 2010-08-27 at 13:45 +0200, Waldemar Rymarkiewicz wrote: > >> The security level BT_SECURITY_HIGH expects secure connection and a > >> minimum 16 digit pin code used for bonding. It's requitred > >by the Sim > >> Access Profile. > > > >How is user-space (meaning the pairing agent) supposed to handle that? > >I'd need to make changes to gnome-bluetooth to use longer PIN > >codes for the maximum security. > > > >Cheers > > > > I assume that user will know that the 16 digit pin is requred, so > should be enough to let the user type 16 digit in an agent I guess. > Usually a service that requires high security will generate right pin > code. How would they know? Pairing the device isn't connecting to the service... Furthermore, gnome-bluetooth's wizard takes a lot of care generating pin codes for the user by default, so we'd need to know that a 16 digit pin code is required. Supporting 16 digits pin code would probably require interface changes. And I was under the impression that the PIN code's length didn't come into account for the creation of the encryption, just for the initial challenge-response needed to verify the device is who it says it is. > Originaly the high security level was planned to require max pin code > lenght as I know. -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
