The spec participant here is also saying that encrypting your export file is a "temporary minimum". Personally, I think that requiring a passphrase for some standard symmetric encryption on the export is fine. Plenty of free and privacy-preserving apps I use (Signal, Aegis) do this. The real issue is that there is no guarantee over the medium term that even this will continue to be allowed.