[EAS] This weeks IPAWS RWT

Harold Price hprice at sagealertingsystems.com
Mon Apr 26 15:41:41 CDT 2021 

Mike and others:

There is much to be learned from testing, and even more so for failed tests.  Here is the takeaway from the April 26 Monday failed RWT test for those on the receiving end.
The test messages had a mismatch between the digest (think checksum) inside the message, and the digest computed by receivers.  This is a part of the validation for an alert and checking it is required by 11.56(c) - "EAS Participants shall configure their systems to reject all CAP-formatted EAS messages that include an invalid digital signature."
Today's RWTs had a mismatch between the message digest and the computed digest.  All devices should have rejected it.
In the case of the Sage ENDEC, you should not have seen the FEMA RWT in the main alert log.  If you did see the RWT, here are three reasons why, and what you should do about it.
1)    If the alert arrived via CAP, then you almost certainly have the signature validation settings set to allow bad signatures.  You want to have the default settings for the IPAWS server on the CAP tab, which are Enable Polling, Enforce CAP 1.2, Verify Signature, and Require Signature checked; and No SSL Check and Accept Bad Signature NOT checked.

2)    If the alert arrived via some other CAP source, such as a CAP satellite feed, then you need to check the ENDEC's settings for that CAP server.

3)    If the alert arrived via an analog input, then an upstream device may be misconfigured.  There are some 3rd party boxes that will receive a CAP message and output the analog legacy EAS format as audio.  Some stations in some states will have that box connected to an ENDEC audio input.  If that box is configured to pass CAP messages with validation errors to the analog output, then it needs to be checked.
 
The ENDEC reports failed validations in a temporary log on its tools/ipaws page. The error message to look for is Signature did not verify for [alert id] [error code], alert ignored.
Other vendors do things differently, but all should have a way to reject messages.  If your device received today's alerts without comment, or accepted (instead of rejected) it for processing with an annotation, check your settings.  If the alert appears in the log, you want to see a note that it was rejected, per 11.56(c).
Harold 

On Mon, Apr 26, 2021 at 3:40 PM Mike Tosch <mike.tosch at gmail.com> wrote:
>Harold Price from Sage Alerting....  Can we get some direction for this situation with the Sage boxes?

>Mike Tosch

More information about the EAS mailing list