[pve-devel] [PATCH pve_flutter_frontend v2] chore: ios: add export compliance key to info.plist
Shan Shaji
s.shaji at proxmox.com
Mon Sep 29 14:51:29 CEST 2025
Hi @Thomas and @Dominik, I have done some more research on this through
the BIS documentation [0] on License Exception ENC and Category 5, Part 2 [1].
AFAIU,
- Since we are using TLS/SSL encryption we are under 5A002/5D002.
Our app comes under mass market [2] so it further classfies it under
5A992/5D992. After March 29, 2021 mass market software doesn't need to
provide a self classification report [3]. Also since we are using the
platform APIs provided by iOS which are already exported by Apple
for SSL/TLS and not implementing any encryptions by ourselves
i believe we don't need to do anything from our side.
- For the crypto package that we are using doesn't likely fall under 5A002/5D002 as
it's not used for confidentiality rather we are using it for data integrity.
So i believe it should likely fall under ECCN 5D992 (Mass Market).
Also the source code of the package is publicly available and SHA-256
is a standared algorithm.
- For `biometric_storage`, the package internaly uses the platform APIs
that are available in iOS [4]. Since it's using the already exported iOS
interfaces i believe we should be fine there as well.
- [0] https://www.bis.doc.gov/index.php/encryption-and-export-administration-regulations-ear
- [1] https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file
- [2] https://www.bis.doc.gov/index.php/policy-guidance/encryption/3-license-exception-enc-and-mass-market/a-mass-market (Paragraph a)
- [3] https://www.bis.doc.gov/index.php/documents/pdfs/2759-table-of-changes-to-enc-in-wa2019-rule-final-version/file (Table Reference)
- [4] https://github.com/authpass/biometric_storage/blob/main/macos/Classes/BiometricStorageImpl.swift
So IMHO, i think it's safe to update the ` ITSAppUsesNonExemptEncryption` key
to false. WDYT?
More information about the pve-devel
mailing list