Hi,

I couldn't find anything about the export classification of KiXtart. No ECCN number or any other related information. How am I supposed to know if I'm breaking US law by using the software within a product that is shipped to different countries?

KiXtart is not an open source software, so I can't check if it contains functions that may be subject to the EAR.

Ussually there are some basic rules which can be followed to conclude the ECCN of a software:

1) Was the software developed by a US citizen or in the USA?
2) Does it contain any kind of encryption/decryption functionality besides
- Authentication
- Hashing

Software that doesn't apply to 1) is not subject to EAR and can be classified as ECCN = N. If it apllies to 1) but not to 2), it can be classified as ECCN = EAR99.
If 1) and 2) apply, the supported encryption depth is essential.

x<64 bit depth and symetcric encryption algorith => ECCN = 5D992
x<256 bit depth and asymetcric encryption algorith => ECCN = 5D992
else ECCN = 5D002


I hope sombody can help me to find the correct classification number for KiXtart. Maybe there are also other people or companies who need to know this too?

With best regards
DoktorBrot