MITM protection implementation for BLE pairing

You need to have certain features to enable this, or use NFC Out-of-band(OOB)

#define SEC_PARAM_IO_CAPABILITIES   BLE_GAP_IO_CAPS_NONE                /**< No I/O capabilities. */

With IO capabilities enabled you would be able to display a code or enter a code, to enable MITM capabilities.

Do I need to enter a code through I/Os to be able to use MITM?  

Do I need to enter a code through I/Os to be able to use MITM?  

I believe so, have a look at nRF5_SDK_17.0.2_d674dde\examples\ble_peripheral\ble_app_gls\main.c

In this example MITM is enabled, and the device has the ability to display.

Alternatively you could use NFC or UART OOB and also have MITM protection. Have a look at the example project nRF5_SDK_17.0.2_d674dde\examples\ble_central\experimental\ble_app_hrs_nfc_c

The Idea with MITM protection is that it there must be some part that is not accessible to the man-in-the-middle. In BLE it is done by passing a code to the user through a display or passed from one device to another through NFC / UART.

Thanks. So these seems the only options for MITM protection implementation: Display a code, NFC, and UART OOB.

In my case I have two Adafruit Feather seating far from each other, seems to me that MITM is not implementable in this case and I should perform BLE paring as Just Works. Please confirm.