Hi @Thomas and @Dominik, I have done some more research on this through the BIS documentation [0] on License Exception ENC and Category 5, Part 2 [1].
AFAIU, - Since we are using TLS/SSL encryption we are under 5A002/5D002. Our app comes under mass market [2] so it further classfies it under 5A992/5D992. After March 29, 2021 mass market software doesn't need to provide a self classification report [3]. Also since we are using the platform APIs provided by iOS which are already exported by Apple for SSL/TLS and not implementing any encryptions by ourselves i believe we don't need to do anything from our side. - For the crypto package that we are using doesn't likely fall under 5A002/5D002 as it's not used for confidentiality rather we are using it for data integrity. So i believe it should likely fall under ECCN 5D992 (Mass Market). Also the source code of the package is publicly available and SHA-256 is a standared algorithm. - For `biometric_storage`, the package internaly uses the platform APIs that are available in iOS [4]. Since it's using the already exported iOS interfaces i believe we should be fine there as well. - [0] https://www.bis.doc.gov/index.php/encryption-and-export-administration-regulations-ear - [1] https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file - [2] https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market (Paragraph a) - [3] https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file (Table Reference) - [4] https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift So IMHO, i think it's safe to update the ` ITSAppUsesNonExemptEncryption` key to false. WDYT? _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
