Export Compliance

This section references a set of questions provided by the Red Hat legal team for evaluation of export compliance by third party software vendors. The resource links and questions should be reviewed and answered by a legal representative of the partner. Completion and returning this document does not guarantee export compliance approval but begins the evaluation process by Red Hat. Depending on the answers provided, a set of follow-up questions may be necessary.

In the event that you have insufficient information to complete the questionnaire, some additional resources are provided in Part 2 below.

The evaluation process is outlined below:

Step 1: Partner completes the ISV Registry Export Compliance Questionnaire****

Step 2: Partner engages their legal team to review and respond to questionnaire

Step 3: Partner returns completed questionnaire to Red Hat

Step 4: Within approximately 5 business days, Red Hat legal evaluates responses and

• Approves partner

• Defers decision

• Requests more information

• Declines partner

At this time, Red Hat is NOT able to accept applications that are authorized for export as encryption items under License Exception ENC §740.17(b)(2) and/or License Exception ENC §740.17(a) of the U.S. Export Administration Regulations.

In the event that your company has not previously gone through the process of obtaining an export classification, or if you have not gone through this process for the product that you intend to publish in the Red Hat Container Catalog, the U.S. Department of Commerce’s Bureau of Industry and Security provides these resources. Unfortunately Red Hat cannot provide any guidance or help with our partners’ export control compliance.

• EAR/Encryption Overview - Guidance for determining whether your item is subject to the EAR.

• Encryption items not subject to the EAR

• Flowchart 1 - Item designed to use encryption NOT controlled under Category 5, Part 2

• Flowchart 2 - Item classified under an ECCN in Category 5, Part 2

• License Exception ENC §740.17/ Mass Market Chart

• Chambers & Global - US Export Control Lawyers

• Red Hat Export Control Product Matrix (for example purposes)

If you are using a version of UBI (Universal Base Image) to build your container image, you can host your image in a private repository. This allows you to skip the Export Compliance. This Export Compliance form is only required if you are hosting your images in the Red Hat Container Catalog.