Am I right in thinking that these security parameters are contradictory in that for the peripheral (nRF51822) to provide MITM protection, there must be either IO capabilities or out of band capabilities?
#define SEC_PARAM_TIMEOUT 30
#define SEC_PARAM_BOND 1
#define SEC_PARAM_MITM 1
#define SEC_PARAM_IO_CAPABILITIES BLE_GAP_IO_CAPS_NONE
#define SEC_PARAM_OOB 0
#define SEC_PARAM_MIN_KEY_SIZE 7
#define SEC_PARAM_MAX_KEY_SIZE 16
The Soft Device seems to have no problem in accepting them:
err_code = sd_ble_gap_sec_params_reply(m_conn_handle,
BLE_GAP_SEC_STATUS_SUCCESS,
&m_sec_params);
APP_ERROR_CHECK(err_code);