We are planning to reuse ELK and need to check the if ECCN(Export Control Classification Number) is OK. So how can I obtain the ECCN for logstash, elasticsearch and kibana?
Thanks.
Are you after this for the open source products, or the Elastic Cloud offering?
Thanks for quick reply. It's for open source products.
Ok let me move this thread as it's not Cloud related 
According to the information collected, one criteria to determine the ECCN is that whether the software is designed to use cryptography for purposes other than authentication or digital signature.
As my current understanding, there is no such encryption for data/message in ELK except authentication. Just want to double confirm? Thanks.
The ECCN for these products is 5D992.
Kevin
1 Like
Thanks for the reply.
But I can't quite understand. As I know there are 2 criteria to classify the opensource software for ECCN.
- US origin: does the software originate from the USA?
- Is the software designed to use cryptography for purposes other than authentication or digital signature with keys longer than 56 bit (symmetric) or 112/512 bit (asymmetric, depending on the algorithm)
for question 1, I'm not sure. maybe some content belongs to US.
for question 2, there is TLS/SSL encryption in shield plugin. but sheild is independent plugin(comercial product) from ELK. So my understanding is no encryption in ELK, and most probably ELK belongs to EAR99. Please correct me if I'm wrong. Or could you help to explain a bit where 5D992 comes from?