[sbe-eas] States and the 180 day clock - encryption and authentication

[Art Botterell]

Got a bit of follow-up info from a source on the DMIS team: "Digital signatures will be available at the SOAP envelope (wrapper) level in IPAWS-OPEN 2.0. Digital signatures will be available at the message (CAP) level with the release of IPAWS-OPEN 3.0."

Which appears to mean that there's no actual intention to implement digital signature security on EAS side of IPAWS, even in the upcoming OPEN 2.0 implementation.  At least not unless FEMA mandates use of the same SOAP envelope on the output side as at the input, which isn't normally the way SOAP works.  (A SOAP envelope is just a set of additional XML tags that go before and after the actual data payload, in this case the CAP message, to provide addressing and other message-routing within multi-format messaging systems.)

Note also that 'available' is very different from 'required.'

- Art