Theodore Ts'o tytso at ATHENA.MIT.EDU
Thu Dec 17 11:19:50 PST 1992

   Date: Thu, 17 Dec 92 12:38:34 -0500
   From: treason at
   Apparently-To: cypherpunks at

   Here is parts of the article I posted regarding the legality of the use
   of emf shielding.  Read it carefully, and I suggest you also read the
   posted document in full as well.  

We have read it carefully.  What your article claims is that NACSIM
5100A is classified, so if something is built to be TEMPEST certified,
the design is classified, and the actual device can not be sold to the
public, in order to prevent reverse-engineering of the standard.

This, however, does not mean that emf shielding is illegal.  How to do
emf shielding is relatively well understood --- what is classified is
how much shielding is enough.  As your article itself admits, having the
the NACSIM standard isn't very useful anyway, since we can't trust the
levels promulgated by the NSA to be sufficient to prevent them from
listening in.  (What you're saying would be like saying that the NSA has
a classified recommendation that RSA keys be at least XXX bits long ---
just because the recommendation is classified doesn't mean that we can't
use RSA, and if the number of bits were something like 512 bits, if we
found out what it was, we'd probably want to use something bigger
anyway.  :-)

As many other people have pointed out, emf shielding can't be illegal,
since it's required for FCC requirements.  If someone wants to spend
additional money, and put a lot more shielding that what's really
needed, there shouldn't be any problem with that.

Finally, I'm not sure about the complete accuracy of that article you've
posted.  We have one of the first BBN Safekeeper (tm) boxes at MIT,
which is a certificate meter which generates X.509 public key
certificates for use in the Privacy Enhanced Mail (PEM) system.  It *IS*
TEMPEST shielded(*) and BBN is planning on selling it to commercial
companies, TEMPEST shielding and all.  Therefore, I suspect that the
information in that article may be out of date.

   PERRY, now I put up, now YOU SHUT UP!

There's no need to be rude --- especially when you're wrong and can't
even interpret the article which you yourself posted.

						- Ted

(*) There is an amusing story about what happened when they took it to
get it certified as a FCC Class A computing device (which they needed to
do since they were planning on selling it commercially); the FCC tester
kept bringing his testing device closer, and closer, and closer to the
Safekeeper(tm), and when he was finally on top of it, he tapped his
meter and asked: ``Are you sure this is turned on?''  As the story was
told to me, the designer of the box was there for the testing, and this
was one of his prouder moments.  :-)

More information about the cypherpunks-legacy mailing list