There’s a technical change happening Monday (July 6), and if your equipment isn’t current, it could affect your station’s ability to receive EAS messages from IPAWS, the Integrated Public Alert & Warning System.
We’ve reported on this over the past year and a half but now a practical deadline is here. Radio World checked in with Deputy Press Secretary Janet Montesi of the Federal Emergency Management Agency.
Radio World: We understand that an older version of the Transport Layer Security protocol will be turned off next week and that some EAS devices in the field could be affected. Why is that?
Janet Montesi: Transport Layer Security (TLS) is a protocol that enables privacy and integrity for communications with web servers. In order to maintain compliance with DHS security requirements, IPAWS has updated the EAS feed servers to use the current and approved Transport Layer Security version (TLS 1.2). IPAWS will discontinue the use of older, less secure versions. Older versions of TLS have vulnerabilities that could compromise the integrity of EAS communications.
[Read more about the background of this story: “Broadcasters Need to Keep an Eye on Latest Updates”]
RW: What will happen if a device is not up to date?
Montesi: There may be some broadcasters who may not have updated their EAS receivers by July 6, 2020. These broadcasters would be out of compliance with FCC rules and will not receive EAS messages via the Integrated Public Alert and Warning System. It is their responsibility to ensure compliance and keep their EAS receivers updated. FEMA, the FCC and the EAS vendor community have provided ample time to make these updates.
RW: How many devices in the field might be affected?
Montesi: Each EAS participant is required to have at least one device. FEMA does not maintain information on the number of devices installed in broadcast facilities.
RW: How would a user know whether their device is current?
Montesi: This has been in the works for over 18 months, allowing device manufacturers to make the necessary updates to their devices. This has been communicated to broadcasters via EAS participant listservs as well. Broadcasters should work check with their device manufacturer to ensure their device(s) contain the most up to date versions of software.
RW: Anything else we should know?
Montesi: IPAWS has worked with the EAS vendor community for 18 months to ensure EAS receivers can support the current and approved TLS version. The 18-month timeframe was necessary for EAS vendors to create software updates and to give broadcasters enough time to update their EAS devices. IPAWS will implement the change on July 6, 2020.
More information can be found in the NIST Special Publication 800-52 Revision 2: Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations (https://doi.org/10.6028/NIST.SP.800-52r2)
