Hi, I need a little help understanding how to implement security in my application.
Most examples used by Nordic have public advertising on, so any device can connect to it. In a real application this is mostly undesirable due to the fact that anybody within range can connect with a general Bluetooth connect app (e.g. from Nordic) and change characteristic values.
I know that a whitelist exists for this. So any central that connects to a peripheral has to bond in order to be added to the whitelist. The only downside of this approach is that the SoftDevice only allows 8 devices to connect. In our application it's possible that more than 8 centrals will connect over time (a smartphone/tablet will be used as central). Since the added device is not deleted, the whitelist can become full over time and no new central can connect.
Is there any other way to approach this?