[jt_thurs_82]

I'm trying to dig through this to understand what it means, but I am far from an expert on regulations or legalese. I'm looking forward to any breakdowns and explanations/annotations of the passages in this article and rule. If anyone has any, please let me know in the reply?

[elliekelly]

I'm a regulatory lawyer (but I have no experience with export controls) and I can't decipher the rule either. I actually wonder how anyone is able to confidently draft and revise such a long document with so many complex cross-references:

> License Exception ACE eligibility is added for 5E001.a (for 5A001.j, 5B001.a (for 5A001.j), 5D001.a (for 5A001.j), or 5D001.c (for 5A001.j or 5B001.a (for 5A001.j)). License Exception STA conditions is revised to remove eligibility for 5E001.a (for 5A001.j, 5B001.a (for 5A001.j), 5D001.a (for 5A001.j), or 5D001.c (for 5A001.j or 5B001.a (for 5A001.j)) to destinations listed in Country Groups A:5 and A:6 (See Supplement No. 1 to part 740 of the EAR for Country Groups). License Exception TSR is revised to remove eligibility for “technology” classified under ECCN 5E001.a for 5A001.j, 5B001.a (for 5A001.j), ECCN 5D001.a (for 5A001.j), or 5D001.c (for 5A001.j or 5B001.a (for 5A001.j)).

It's like a logic puzzle.

Edit: Looking at this random paragraph again and it seems they're missing a few closing parens so maybe the answer to how they confidently draft and revise these documents is... they don't.

[dharmab]

I bet it's derived from some big excel sheet.

[mschuster91]

You wish. This kind of stuff is all too often manually managed and copy-pasted between Word documents.

[codazoda]

I can’t help but wonder if encryption export controls will be slipped into this mess. Seems like a good place to hide them but I don’t have time to drudge through this at the moment.

[johnwalkr]

I doubt it. The link says it’s consistent with Wassenaar Agreement (WA) negotiations, which is the international export control agreement that is quite well harmonized across many nations. WA has a lot of restrictions on encryption, but a huge carve out for most items that says encryption on commercially available devices is exempt.

[averysmallbird]

There's already export controls on encryption. Have been for decades.

[kfprt]

We're way past that, the horse has bolted.

[codazoda]

Are you saying we're way past the point where encryption could be restricted from export in the U.S.? Because encryption exports are controlled and when I first started programming they were completely illegal. Every once in a while new legislation is proposed to make these exports illegal again, usually to "save the children".

https://en.wikipedia.org/wiki/Export_of_cryptography_from_th...

Based on other comments here, I'll assume there is no hidden agenda on encryption here but a document this messy is probably hiding "stuff" (on purpose or not).

[joconde]

With AES widely available in free code, adding export controls today wouldn't seem to do much damage to symmetric crypto at least.

Maybe post-quantum schemes could be affected, but it's only a question of time until people agree on a standard, and if that one gets exported and doesn't get broken, controlling crypto exports won't prevent anyone from using secure ciphers.

[zorked]

Encryption is restricted from export in the US. I've had to submit forms to do things as trivial as buying microcontrollers from TI which happened to have AES instructions.

No idea why I can go into a store and buy an infinitely more powerful Intel laptop without a form, though.