My question is in regards to BLE security. I have certain characteristics that I want to remain open. As they will be used to determine authentication at the application level. Once authentication has been determined at the application level I intend to issue a bonding request from the central (phone) to the peripheral (nrf51822).
I see that all characteristics read/write permissions can be set independently, but I also see that the gap_params_init function sets the security level for the GAP as well. To make my scheme work should I leave the GAP security level open, and just set the characteristics I want to protect until after bonding to the necessary security level?
Additionally, when using MITM protection with passkey. Will the central (phone) always prompt the user for key entry, or can a psuedo random number be generated and entered all behind the scenes? It is my understanding that the Andoid and IOS are configured to prompt the user for input when a Bond with Passkey (MITM protection) is being interpreted.