TD0640: Handling BT devices that do not support encryption
What is the expectation for devices which do not support encryption at all, and how does that matter for these SFRs?
In a strict reading, the implication is that if a remote device doesn’t support encryption, then it shouldn’t be allowed, but that also blocks a lot of minimal power sensors (mainly but not exclusively health monitoring, but also some other short range components like the S-Pen) from being able to be used. Most of the things that don’t support encryption tend to be one-way devices that only send to the TOE, and are not 2 way.
The Application Note for FTP_BLT_EXT.3/BR is modified as follows, with underlines denoting additions:
Application Note: Encryption is mandatory for BR/EDR connections when both devices support Secure Simple Pairing. Minimum encryption requirements will be set and verified for each Bluetooth profile/application. However, when the TOE is in the Bluetooth Observer role, one-way devices (e.g., unconnectable Bluetooth Broadcasters) can send unencrypted communications (e.g., beacon or advertisement messages) to the TOE and the TOE can accept them because they are outside the Trusted Channel.
Even establishing a secure session requires starting with an untrusted advertisement packet, and the TOE should be able to listen to devices that might demand less security when in Observer mode.