10 December 2006. Add NSA response.
NATIONAL SECURITY AGENCY
CENTRAL SECURITY SERVICE
FORT GEORGE G. MEADE, MARYLAND 20755-6000
FOIA Case: 51573
6 December 2006
Mr, John L. Young
251 West 89th Street, Suite 6E
New York, NY 10024
Dear Mr. Young:
This is an initial response to your Freedom of Information Act (FOIA) request submitted via facsimile on 9 October 2006, which was received by this office on 10 October 2006, for 93 separate publications pertaining to National Security Systems Issuances as listed on the index at http://www.cnss.gov. Your request has been assigned Case Number 51573. This letter indicates that we have begun to process your request. There is certain information relating to this processing about which the FOIA and applicable Department of Defense (DoD) and NSA/CSS regulations require we inform you.
For purposes of this request and based on the information you provided in your letter, you are considered an "all other" requester. As such, you are allowed 2 hours of search and the duplication of 100 pages at no cost. Be advised that NSA regulations preclude the conducting of partial searches.
We estimate that the costs involved to search for material responsive to your request will be approximately $176.00. Fees are assessed in accordance with DoD Regulation 5400.7-R. Search fees are computed at $44.00 an hour. You are entitled to two hours of search at no charge, therefore, we estimate your total cost to be approximately $88.00 ($176.00 - $88.00 for two hours of search). Our policy is to request advance payment prior to initiating the search. NSA regulations preclude the conducting of partial searches.
Please be advised that your agreeing to incur these fees will not necessarily result in the disclosure to you of all or any information you seek. If records are found which are responsive to your request, a detailed review to determine the releasability of the information would follow. It has been our experience that any records responsive to your request if such records exist may be classified or otherwise exempt from release in accordance with the exemption provisions of the FOIA. The application of these exemptions to NSA information has been consistently approved by the Federal Judiciary.
This is only an estimate. If, as we process your request, we determine that search fees will be greater than the estimate, we will so notify you before continuing with our search. In addition, please be aware that we estimate that the page count for the 93 articles you request could total as much as 2270 pages. We cannot determine the number of pages to be released until the case has been processed; however, if at least a portion of every page can be released to you, your duplication charges will come to $325.50 (2270 pages - 100 free pages = 2170 pages X $0.15/per page = $325.50).
Based on our preliminary search, because of the volume and complexity of the material you are requesting, we believe your case will be placed in the first-in, first-out processing queue for Non-Personal Complex cases. There are a significant number of cases ahead of yours in that processing queue. Therefore, we encourage you to redefine or narrow the scope of your request to allow us to provide a final response to you more quickly. We will hold your request in abeyance for 30 days from the date of this letter, pending further correspondence from you regarding your wish to narrow your request or continue as it was originally stated.
If you would like us to proceed with the search for information responsive to your request as originally stated, we request that you remit to the FOIA office (see below for address) a check or money order made payable to the Treasurer of the United States in the amount of $88.00 or provide a statement regarding your willingness to pay all assessable fees. Since duplication fees cannot be accurately determined at this time, we can accept a "promise to pay" statement from you for the duplication charges, which should not exceed $325.50. Please include the number assigned to your case on any correspondence to assure that your account is properly credited. If we do not hear from you within 30 days of the date of this letter, we will assume that you are no longer interested in pursuing this request, and we will administratively close your case with no further processing.
Correspondence related to your request should include the case number assigned to your request, which is included in the first paragraph of this letter. Your letter should be addressed to National Security Agency, FOIA Office (DC34), 9800 Savage Road STE 6248, Ft. George G. Meade, MD 20755-6248 or may be sent by facsimile to 443-479-3612. If sent by fax, it should be marked for the attention of the FOIA office. The telephone number of the FOIA office is 301-688-6527.
Sincerely,
PAMELA N. PHILLIPS
Chief FOIA/PA Office
__________
Cryptome 251 West 89th Street
New York NY 10024 212-873-8700
December 10, 2006
National Security Agency
Attn: FOIA/PA Office (DC34)
9800 Savage Road, Suite 6248
Ft. George G. Meade, MD 20755-6248
Re FOIA Case Number 51573
In response to your letter of December 6, 2006, enclosed is my check for $88.00. I agree to pay for additional costs of this request as described in your letter.
Thank you very much.
Sincerely,
John Young
10 October 2006
This requests restricted COMSEC documents listed at http://cryptome.org/cnss-index.htm
Cryptome 251 West 89th Street
New York NY 10024 212-873-8700
By fax: 443-479-3612
October 9, 2006
National Security Agency
Attn: FOIA/PA Office (DC34)
9800 Savage Road, Suite 6248
Ft. George G. Meade, MD 20755-6248
Re Freedom of Information Act Request
For publication on Cryptome.org copies are requested of National Security Systems Issuances as listed at http://www.cnss.gov
_____
CURRENT POLICIES
3 (NTISS) National Policy for Granting Access to U.S. Classified Cryptographic Information (U) 19 Dec 88 FOUO
4 (NSTISS) National Policy on Electronic Keying (U) 16 Nov 92 FOUO
5 (NSTISS) National Policy for Incident Response and Vulnerability Reporting for National Security Systems (U) 30 Aug 93 FOUO
8 (NSTISS) National Policy Governing the Release of INFOSEC Products or Associated INFOSEC Information to Foreign Governments (U) 13 Feb 97 FOUO
10 (CNSS) National Policy Governing the Use of Approved Security Containers in Information Systems Security Applications 16 Dec 04 U//FOUO
11 (NSTISS) National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products Jun 03 FOUO
12 (NSTISS) National Information Assurance (IA) Policy for U.S Space Systems Jan 01 U//FOUO
15 (CNSS) National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information Feb 03 U//FOUO
16 (CNSS) National Policy for the Destruction of COMSEC Paper Material Oct 02 U//FOUO
300 (CNSS) National Policy on Control of Compromising Emanations Apr 2004 U//FOUO
_____
CURRENT DIRECTIVES
503 (NSTISS) Incident Response and Vulnerability Reporting for National Security System (U) 30 Aug 93 FOUO
600 (NSTISS) Communications Security (COMSEC) Monitoring (U) 10 Apr 90 FOUO
_____
CURRENT INSTRUCTIONS
2005 (NACSI) Communications Security (COMSEC) End Item Modification (U) 28 May 81 FOUO
6001 (NACSI) Foreign Military Sales of Communications Security Articles and Services to Foreign Governments and International Organizations (U) 21 Sep 84 C
8105 (NACSI) Operational Doctrine for TSEC/KG-45 (SANCHEZ) (U) 16 Dec 80 S
8116 (NACSI) Operational Doctrine for the TSEC/CI-10 (ELWELL II) (U) 01 Feb 93 C
_____
CURRENT INSTRUCTIONS
3000 (NTISS) Security Doctrine for the TSEC/KW-46 Fleet Broadcast System (U) 04 Apr 86 C
3001 (NTISS) Operational Security Doctrine for the Automanual (AMS) (U) 30 Oct 89 C
3002 (NTISS) Operational Doctrine for the KGV-9 Removable Key Stream Generator Module (U) 05 Sep 86 FOUO
3003 (NSTISS) Operational Security Doctrine for the KG-66/KG-66A/SO-66/KGR-66/KGV-68/KGR-68/KGV-68B (U) Aug 2000 FOUO
3005 (NTISS) Safeguarding & Control of Data Encryption Standard (DES) Equipment & Associated Unclassified Communications Security Aids (U) 16 Mar 87 FOUO
3006 (NSTISS) (U) Operational Security Doctrine for the NAVSTAR Global Position System (GPS) Precise Positioning Service (PPS) User Segment Equipment Aug 2001 FOUO
3008 (NTISS) Operational Security Doctrine for Type I Communications Equipment Containing the FASCINATOR Secure Voice Module (SVM) (U) 01 May 89 FOUO
3010 (NTISS) Operational Security Doctrine for the KY-65A/75A (U) 19 Jul 89 S//NF
3011 (NTISS) Operational Security Doctrine for KY-57/58, KY-67 & KYV-2/2A (U) 13 Oct 89 FOUO
3012 (NTISS) Operational Security Doctrine for the KY-71 (U) 27 Nov 89 FOUO
3013 (NTISS) Operational Security Doctrine for the Secure Telephone Unit III (STU-III) Type I Terminal (U) 08 Feb 90 FOUO
Annex E, System Security Guidance for the Motorola Vehicular-Mounted STU-III Cellular Telephone (Type 1) (U) 22 Feb 91 FOUO
Annex F, Supplemental Operational Security Doctrine for the STU-III/A Terminal (Type 1) (U) 22 Feb 91 FOUO
Annex G, System Security Guidance for the AT&T STU-III Access Control System (SACS) (Type 1) (U) 22 Feb 91 FOUO
Annex H, STU-III Data Port Guidance (U) 27 Nov 91 FOUO
3014 (NSTISS) Management of Off-Line Cryptosystems (U) 01 Feb 91 FOUO
3015 (NSTISS) Operational Security Doctrine for the Fiber Alarmed Modem (FAM)-131 Intrusion Detection Optical Communications System (IDOCS) (U) 28 Feb 91 FOUO
3016 (NSTISS) Operational Security Doctrine for GILLAROO Personal Computer Security Device (PCSD) (U) 02 Jul 91 FOUO
3017 (NSTISS), Operational Security Doctrine for Non-TRI-TAC KG-84A, KG-84C, KIV-7, and KIV-7HS, KIV-7HSA, and KIV-7HSB Mar 03 C
3018 (NSTISS) Operational Security Doctrine for the GUARDSMAN 100 and 100T (U) 08 Jan 92 FOUO
3019 (NSTISS) Operational Security Doctrine for the FASTLANE (KG-075 and KG-75A) 30 Oct 01 U//FOUO
3020 (NSTISS) Operational Security Doctrine for the KL-51 (RACE) (U) 11 Feb 92 FOUO
3021 (CNSS) Operational Security Doctrine for the AN/CYZ-10/10A Data Transfer Device (DTD) (U) Sep 02 FOUO
3022 (NSTISS) Operational Security Doctrine for Trunk Encryption Devices (TEDs) KG-81, KG-94 Family, KG-95 Family, KG-194 Family, and KIV-19 in Stand-Alone Applications Jul 99 U//FOUO
3024 (NSTISS) (U) Operational Security Doctrine for KG-189 Strategic Trunk Encryptor Jan 00 U//FOUO
3025 (NSTISS) (U) Operational Security Doctrine for CIPHERTAC 2000 (CTAC 2000) Aug 99 U//FOUO
3026 (NSTISS) Operational Security Doctrine for the Motorola Network Encryption System (NES) Apr 99 U//FOUO
3029 (CNSS) Operational Systems Security Doctrine for TACLANE (KG-175) May 04 U//FOUO
CNSS-089-04, Changes for CNSS Instruction No. 3029 25 Aug 04 U/FOUO
CNSS-057-06, Changes for CNSS Instruction No. 3029 19 Apr 06 U//FOUO
3030 (NSTISS) Operational Systems Security Doctrine for the FORTEZZA PLUS (KOV-14) and Cryptographic Card and Associated Secure Terminal Equipment (STE) 26 Oct 01 U//FOUO
3031 (CNSS) Operational Systems Security Doctrine for the SecteraTM In-Line Network Encryptor (KG-235) Feb 03 U//FOUO
3032 (CNSS) Operational Security Doctrine for the VIASAT Internet Protocol (VIP) Crypto Version 1 (KIV-21) August 2003 U//FOUO
3034 (CNSS) Operational Security Doctrine for the SECNET TM 11 Wireless Local Area Network Interface Card Apr 2004 U//FOUO
4000 (NSTISS) Communications Security Equipment Maintenance & Maintenance Training (U) Jan 98 FOUO
4001 (NSTISS) Controlled Cryptographic Items (U) Jul 96 FOUO
4002 Classification Guide for COMSEC Information (U) 05 Jun 86 S//NF
CNSS-066-04 authorizes pen & ink changes for NTISSI 4002 (U) 2 Jul 04 U//FOUO
4003 (NSTISS) Reporting and Evaluating COMSEC Incidents (U) 02 Dec 91 FOUO
4004 (CNSS) Destruction and Emergency Protection Procedures for COMSEC and Classified Material Aug 2006 U//FOUO
4005 (NSTISS) Safeguarding Communications Security (COMSEC) Facilities and Materials (U) Aug 97 FOUO
Amendment to NSTISSI 4005 (NSTISSC-003-98) 02 Mar 98 U
Amendment to NSTISSI 4005 (CNSS-079-03) 05 Aug 03 U//FOUO
Amendment to NSTISSI 4005 (CNSS-045-05) 28 Sep 05 U//FOUO
4006 (NSTISS) Controlling Authorities for COMSEC Material (U) 02 Dec 91 FOUO
4007 (NTISS) Communications Security Utility Program (U) 30 Oct 89 FOUO
4008 (NSTISS) Program for the Management and Use of National Reserve Information Systems Security (INFOSEC) Material (U) 09 Aug 91 FOUO
4010 (NSTISS) Keying Material Management (U) 17 Jun 93 FOUO
7000 (CNSS) TEMPEST Countermeasures for Facilities (U) May 04 C//REL
7001 (NSTISS) NONSTOP Countermeasures (U) 15 Jun 94 S//NF
7002 (NSTISS) TEMPEST Glossary (U) 17 Mar 95 S//NF
_____
CURRENT ADVISORY MEMORANDA
IA/03-04 (CNSS) Advanced Encryption Standard (AES) Implementation Nov 04 U//FOUO
INFOSEC 01-02 (CNSS) Advisory Memorandum for Common Terminology Associated with the Electronic Key Management System (w/change pages Sep 02) Mar 02 U//FOUO
COMSEC 1-87 TRI-TAC Keying Concepts (U) 22 Oct 87 C
COMSEC 1-93 Nomenclature for Communications Security Material (U) 14 Oct 93 FOUO
COMSEC 2-98 Secure Terminal Equipment (STE) - A Strategy for Evolution to Secure Digital Capabilities Dec 98 FOUO
COMPUSEC 1-90 (NSTISS) Protection of Information Systems (IS) Outside the Continental United States (OCONUS) (U) 14 Sep 90 FOUO
TEMPEST 2-91 (NSTISS) Compromising Emanations Analysis Handbook (U) 20 Dec 91 C
TEMPEST 1-92 (NSTISS) Compromising Emanations Laboratory Test Requirements, Electromagnetics (U) 15 Dec 92 C
Appendix C of NSTISSAM TEMPEST/1-92 (U) (Issued via NSTISSC Memo, Serial: NSTISSC-002/94) 19 Jan 94 C
Appendix E of NSTISSAM TEMPEST/1-92 (U) (Issued via NSTISSC Memo, Serial: NSTISSC-014/93) 11 May 93 U
Section 6 Change to NSTISSAMTEMPEST/1-92 (U) (Issued via NSTISSC Memo, Serial: NSTISSC-017/94) 27 May 94 FOUO
TEMPEST 2-92 (NSTISS) Procedures for TEMPEST Zoning (FOUO) 30 Dec 92 FOUO
TEMPEST 1-93 (NSTISS) Compromising Emanations Field Test Requirements, Electromagnetics (U) 30 Aug 93 C
TEMPEST 2-93 (NSTISS) Rationale for Compromising Emanations Laboratory and Field Test Requirements, Electromagnetics (U) 14 Oct 93 S
Appendix J of NSTISSAM TEMPEST/2-93 (U) (Issued via NSTISSC Memo, Serial: NSTISSC-008/94) 07 Mar 94 C
TEMPEST 1-95 (NSTISS) Shielded Enclosures (U) 30 Jan 95 FOUO
TEMPEST 2-95 (NSTISS) RED/BLACK Installation Guidelines (U) 12 Dec 95 FOUO
Amendment to TEMPEST 2/95 3 Feb 00 FOUO
TEMPEST 01-02 (CNSS) Non-stop Evaluation Standard Oct 02 C
_____
CURRENT NATIONAL COMMUNICATIONS SECURITY INFORMATION MEMORANDA (NACSIM) AND EMANATIONS MEMORANDA (NACSEM)
4004 Communications Security Survey Guide (U) 03 Jul 80 C
5000 TEMPEST Fundamentals (U) 01 Feb 82 C
7002 (NACSEM) COMSEC Guidance for ADP Systems (U) Sep 75 C
_____
Other CNSS Issuances
NSTISSC-034-99 Position Paper on Information Assurance Apr 1999 U//FOUO
NSTISSAM INFOSEC/1-99 The Insider Threat to U.S. Government Information Systems Jul 1999 U
CNSS-075-03 Foreign Influence on U.S. Information Technology Sep 2003 U//FOUO
CNSS-067-06 10th Annual Assessment of Information Assurance for National Security Systems of the USG May 2006 U//FOUO
_____
Thank you very much,
John Young