From a13d876205c23b0f63bd5614f51024fabe3dcc5e Mon Sep 17 00:00:00 2001
From: Unsuk Jung <unsuk@google.com>
Date: Tue, 29 Sep 2015 22:25:08 -0700
Subject: CDD: Require 15-min rotation of BLE RPA

As more and more apps might scan for beacons with Bluetooth Low
Energy (BLE), it is important for the end user's privacy to
implement Resolvable Private Address (RPA) rotation policy to
rotate the address at least every 15 minutes.

Bug: 24359397
Change-Id: Ib85cb9d012aba944f7f237660bed920a7cc35fa5
---
 src/compatibility/android-cdd.html | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html
index d0487dc0..9869f199 100644
--- a/src/compatibility/android-cdd.html
+++ b/src/compatibility/android-cdd.html
@@ -3503,6 +3503,8 @@ device implementations MUST support Bluetooth and Bluetooth LE. </p>
   <li>MUST declare the hardware feature android.hardware.bluetooth_le.</li>
   <li>MUST enable the GATT (generic attribute profile) based Bluetooth APIs as
 described in the SDK documentation and [<a href="http://developer.android.com/reference/android/bluetooth/package-summary.html">Resources, 82</a>].</li>
+  <li>MUST implement a Resolvable Private Address (RPA) timeout no longer than
+15 minutes, and rotate the address at timeout to protect user privacy.</li>
   <li>SHOULD support offloading of the filtering logic to the bluetooth chipset when
 implementing the ScanFilter API [<a href="https://developer.android.com/reference/android/bluetooth/le/ScanFilter.html">Resources, 83</a>], and MUST report the correct value of where the filtering logic is implemented whenever queried via the
 android.bluetooth.BluetoothAdapter.isOffloadedFilteringSupported() method.</li>
-- 
cgit v1.2.3