security manager doc #418
Copy edit for active voice, consistent spelling across documents and consistent tense.
Nice work on this. I've left some comments and queries for you to address.
@@ -0,0 +1,21 @@ | |||
## SecurityManager | |||
|
|||
SecurityManager deals with authentication and encryption for the link. The process of pairing and optionally bonding provides this. Bonding is achieved by saving the pairing information to be reused on subsequent reconnections. |
Query: What link? Could you please provide more context here?
Query: Who or what achieves bonding by saving the pairing information to be reused? Reused by whom or by what?
thanks, information added
|
||
SecurityManager deals with authentication and encryption for the link. The process of pairing and optionally bonding provides this. Bonding is achieved by saving the pairing information to be reused on subsequent reconnections. | ||
|
||
The process of pairing may produce a set of keys to be used during current or later connections. These are handled by the Security Manager and include the Long Term Encryption Key (LTK), the Identity Resolving Key (IRK) and the Connection Signature Resolving Key (CSRK). The LTK is used to encrypt subsequent connections. IRK is used to identify peers who use random resolvable addresses. CSRK is used to sign and authenticate signed data. |
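Review bot: In the key list of this paragraph, "Long Term Encryption Key (LTK)" and "random resolvable addresses" do not match the Bluetooth specification's terms, which are "Long Term Key" and "resolvable private addresses"; using the specification's names lets readers look them up. The same paragraph writes "Security Manager" while the heading and the first paragraph write "SecurityManager", so pick one spelling for the class name and use it throughout.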
Query: Who or what uses the LTK to encrypt subsequent connections?
Query: Who or what uses IRK to identify peers?
Query: Who or what uses CSRK to sign and authenticate signed data?
thanks, information added
|
||
The process of pairing may produce a set of keys to be used during current or later connections. These are handled by the Security Manager and include the Long Term Encryption Key (LTK), the Identity Resolving Key (IRK) and the Connection Signature Resolving Key (CSRK). The LTK is used to encrypt subsequent connections. IRK is used to identify peers who use random resolvable addresses. CSRK is used to sign and authenticate signed data. | ||
|
||
The pairing process may provide man-in-the-middle protection (MITM). This is achieved through various means, including out of band communication, depending on the capabilities of the local and peer device. |
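Review bot: "man-in-the-middle protection (MITM)" in the last paragraph puts the abbreviation after "protection", so MITM reads as the name of the protection rather than of the attack; write "man-in-the-middle (MITM) protection". The sentence also says only that pairing "may" provide it, so it would help to say what the reader gets when the capabilities of the local and peer device do not allow it.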
Query: Could we replace the second sentence with "You can achieve MITM protection through band communication, depending on the capabilities of the local and peer device." for active voice?
changed into active voice, thanks
…nek-arm/Handbook into 5.7"" This reverts commit df15dfb.
|
||
The Security Manager will store the keys, if possible permanently, to speed up security requests on subsequent connections. | ||
The SecurityManager stores the keys, permanently if possible, to speed security requests on subsequent connections. |
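Review bot: "permanently if possible" in the rewritten sentence does not say what makes permanent storage possible or what happens to the keys when it is not. Since this sentence is the only place the page describes key storage, state the condition and the fallback, for example whether stored keys are lost on reset when no persistent storage is available.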
what's wrong with "speed up"?
ignore the reverts - I got seriously confused, erm, I mean I seriously confused myself ;)
Copy edit for active voice.
|
||
The SecurityManager example demonstrates both a central and a peripheral connecting and performing basic pairing and setting up link security. | ||
|
||
[](https://os.mbed.com/teams/mbed-os-examples/code/mbed-os-example-ble-SM) |
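Review bot: The sentence "demonstrates both a central and a peripheral connecting and performing basic pairing and setting up link security" chains three "and" clauses after "both", so it is unclear what "both" covers. Consider "shows a central and a peripheral connecting, pairing and setting up link security".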
We've added you to Teams. Please create your example there, and let me know if you have any permissions issues.
added page
@AnotherButler good to merge?
With 5.8 coming up, I'm re-creating this against the test site instead of the 5.7 live site. Because of this, I'm closing this PR in favor of PR #450
same problem as the GAP pull request - the example pages don't exist