Export Control Classification
Export control classification is the process of determining which regulatory regime (EAR, ITAR, or neither) governs a particular item, software, or technology, and assigning the appropriate classification (ECCN for EAR, USML category for ITAR, or EAR99 for items subject to EAR but not specifically listed). Correct classification is the foundation of export compliance — it determines licensing requirements, eligible destinations, permissible end uses, and record-keeping obligations. Self-classification is permitted under EAR (with BIS commodity jurisdiction requests available for ambiguous cases), while ITAR classification is determined by the DDTC through commodity jurisdiction determinations. Misclassification can result in enforcement actions regardless of intent.
How XO Defense Addresses This
XO Defense maintains explicit export control classification for every protocol in its stack, displayed alongside protocol names in all technical documentation and the landing page. The dual-tier architecture — EAR99 for transport and data integrity protocols, 5D002 for encryption protocols — is a deliberate design decision that maximizes distribution flexibility while maintaining controlled access to sensitive cryptographic functionality. This transparent classification approach simplifies procurement for defense customers, who can immediately assess which protocols require export licenses and which can be distributed to coalition partners.
Learn how XO Defense's 25-byte protocol stack operates in the most constrained environments.
View Protocol Stack →