Question:
I am confused about who can do (or rather who usually does) whitelisting - the master or the peripheral device?
My findings so far:
I can't find a certain answer, but a lot of answers and the documentation itself mentions whitelisting together with advertising which makes me think that whitelisting is done by peripheral device (by accepting connection only from those masters who are in its whitelist). However, in ble_app_uart_c_S120 example the whitelisting seems to be implemented on master's side in scan_start() function.
So, who does whitelisting? Am I thinking right that in some case central can do whitelisting (selective scanning) while in others peripheral (whitelist advertising, limiting who can connect); so there are two use cases?
For future readers, this question is related Simpe whitelisting How-To question.
