Topic: BTLE Samples / Questions on authentication
We had been looking into the ECC-Based exchange sample for BLE:
https://github.com/wolfSSL/wolfssl-exam … change.pdf
The main questions are that we do not really understand how authentication is actually done in this sample. We understand that the
transfer of data is safely encrypted but with this implementation, everyone could exchange data with each other.
What we'd care about is a safe way to authenticate the client (using PKI and provisioned certifcate on server) so we know for sure the client is
allowed to access.
Furthermore I am confused how would we be able to validate a certificate on client side for expiration? For example the client might use
a certificate that is already expired and the server should understand that and being unable to establish a connection then.
And is it possible for someone if he'd have access to the client certificate but its expired to extend its expirationa and re-use it?
thanks a lot