[EAS] Certs and PKIs
Ed Czarnecki
ed.czarnecki at monroe-electronics.com
Thu Sep 6 08:19:35 CDT 2018
The Federal PKI is changing in Nov 2019, so that is why there will be a cert
update even though the cert expiration dates will not yet have not passed.
All part of that arcane Federal PKI thing. And to compound matters, the
Federal PKI changes impact the vendors of these certs, which then in turn
impact IPAWS (and then all of us in turn).
I believe the 2019 change will impact the global common root, so all EAS
vendors will need to be ready for that adjustment (setting aside the whole
discussion of the appropriateness of using stand-alone certs instead of the
FEMA-provided cross-signed certs).
Canada has one method of semi-dynamically validating their certs in the
Canadian NAAD system. IPAWS is considering a different method. All means
to the same end - improved authentication of digitally signed CAP messages.
-----Original Message-----
From: EAS [mailto:eas-bounces at radiolists.net] On Behalf Of Sean Donelan
On Wed, 5 Sep 2018, Ed Czarnecki wrote:
> It is a "digital cert thing" not so much an "IPAWS thing." And to be fair
> to FEMA IPAWS, they have provided the certs as soon as they got them from
> their source. For whatever reason, certs tend to be generated a month or
> less before expiration date.
More information about the EAS
mailing list