5A002.a includes items where the cryptographic capability is usable, activated, or can be activated by means of "cryptographic activation not employing a secure mechanism.

"Cryptographic activation" (Cat 5P2) Any technique that specifically activates or enables cryptographic capability of an item, by means of a mechanism implemented by the manufacturer of the item, where this mechanism is uniquely bound to any of the following:

(1) A single instance of the item; or

(2) One customer, for multiple instances of the item.

Technical note 1 to definition of “Cryptographic activation”: “Cryptographic activation” techniques and mechanisms may be implemented as hardware, “software” or “technology”.

Technical note 2 to definition of “Cryptographic activation”: Mechanisms for “cryptographic activation” can, for example, be serial number-based license keys or authentication instruments such as digitally signed certificates.

That is to say, if the cryptography cannot be used it would not be controlled in 5A002.a. Also, if the cryptography requires a “cryptographic activation” (e.g., license key) to be enabled, then the item without or before the cryptography is activated would not be controlled in 5A002.a.

Conversely, an item that has cryptography that is usable without any “cryptographic activation” (e.g., license key) could be controlled in 5A002.a. Items that do require a cryptographic activation that has been activated would be controlled in Cat. 5 Part 2. Also, items where the cryptographic activation is implemented without using a secure mechanism would still be controlled in Cat. 5 Part 2.

   
© BIS 2019