> They do require a one-time connection to perform key exchange of a long-live authorization key
What does my offline dishwasher need a long-lived authorization key for?
I assume only if you're setting it up to work "offline" with the app. Issuing a key pair to the hardware and the app from their ecosystem's trusted authority does seem like a secure way to do it.
Why can't the dishwasher or phone generate that key though?
I’ll assume they use this to “register” your product so they know when the warranty actually started.
Maybe it has some embargoed technology and needs to make sure it's not in China or something.
IANAL but I'm pretty sure the issue is distribution, so as long as they don't sell their dishwasher in China it isn't their problem. If someone buys and resells it in China then the reseller is in trouble. (Obviously it is a bit more complicated if they should know about this reselling but it shouldn't require online activation.)