Am 29.09.25 um 14:51 schrieb Shan Shaji: > Hi @Thomas and @Dominik, I have done some more research on this through > the BIS documentation [0] on License Exception ENC and Category 5, Part 2 > [1]. > > AFAIU, > > - Since we are using TLS/SSL encryption we are under 5A002/5D002. > Our app comes under mass market [2] so it further classfies it under > 5A992/5D992. After March 29, 2021 mass market software doesn't need to > provide a self classification report [3]. Also since we are using the > platform APIs provided by iOS which are already exported by Apple > for SSL/TLS and not implementing any encryptions by ourselves > i believe we don't need to do anything from our side. > > - For the crypto package that we are using doesn't likely fall under > 5A002/5D002 as > it's not used for confidentiality rather we are using it for data > integrity. > So i believe it should likely fall under ECCN 5D992 (Mass Market). > Also the source code of the package is publicly available and SHA-256 > is a standared algorithm. > > - For `biometric_storage`, the package internaly uses the platform APIs > that are available in iOS [4]. Since it's using the already exported iOS > interfaces i believe we should be fine there as well. > > - [0] > https://www.bis.doc.gov/index.php/encryption-and-export-administration-regulations-ear > > - [1] > https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file > - [2] > https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market > (Paragraph a) > - [3] > https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file > (Table Reference) > - [4] > https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift > > > So IMHO, i think it's safe to update the ` ITSAppUsesNonExemptEncryption` key > to false. WDYT?
That seems to be a safe conclusion with enough due diligence to back it up. _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
