[pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist

Shan Shaji s.shaji at proxmox.com
Mon Sep 29 14:51:29 CEST 2025


Hi @Thomas and @Dominik, I have done some more research on this through
the BIS documentation [0] on License Exception ENC and Category 5, Part 2 [1]. 

AFAIU, 

- Since we are using TLS/SSL encryption we are under 5A002/5D002.
  Our app comes under mass market [2] so it further classfies it under
  5A992/5D992. After March 29, 2021 mass market software doesn't need to
  provide a self classification report [3]. Also since we are using the
  platform APIs provided by iOS which are already exported by Apple
  for SSL/TLS and not implementing any encryptions by ourselves  
  i believe we don't need to do anything from our side. 

- For the crypto package that we are using doesn't likely fall under 5A002/5D002 as
  it's not used for confidentiality rather we are using it for data integrity. 
  So i believe it should likely fall under ECCN 5D992 (Mass Market).
  Also the source code of the package is publicly available and SHA-256
  is a standared algorithm. 

- For `biometric_storage`, the package internaly uses the platform APIs
  that are available in iOS [4]. Since it's using the already exported iOS
  interfaces i believe we should be fine there as well. 

- [0] https://www.bis.doc.gov/index.php/encryption-and-export-administration-regulations-ear 
- [1] https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file
- [2] https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market (Paragraph a)
- [3] https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file (Table Reference)
- [4] https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift   

So IMHO, i think it's safe to update the ` ITSAppUsesNonExemptEncryption` key
to false. WDYT?




More information about the pve-devel mailing list