Procedures, Instructions, and any other materials regarding the proper
handling of SSL/TLS secret keys, code signing keys, Client Certificate
private keys, and other private key material obtained via National
Security Letters or Court Order under PATRIOT Act, or USA FREEDOM Act
authorities. E.g. Under the USA PATRIOT Act, Pub. L. No. 107-56
§505(a), 115 Stat. 272, 365 (2001) , including recent revisions; C.f.
USA FREEDOM Act of 2015, Pub. L. No. 114-23, 129 Stat. 268, the FBI
can issue National Security Letters requesting specific business
record information, including SSL/TLS private keys used in Internet
communications, code signing keys used to authenticate software, and
Client Certificates used to impersonate cryptographic identities.
Please recognize that agencies MUST search all records system
reasonably believed to contain responsive documents, even if it means
contacting former employees. Truitt v. Department of State, 897 F.2d
540, 542 (D.C. Cir. 1990) makes it explicitly clear that it is the
obligation of the Department to “conduct a search reasonably
calculated to uncover all relevant documents.”
Enumeration and explanation for any responsive documents withheld
under any authority is also requested; please identify all such
excluded documents in full.
Records spanning other intelligence agency activities in which this
agency played a part are explicitly requested to be considered and
searched, as appropriate, including activities under authority of E.O.
12333, Section 215 of the USA PATRIOT Act , and Section 702 Section
702 of the FISA Amendments Act , and any other related authorities.
which is in response to some bogus 404s... :P