Pet*_*ada 21 encryption app-store ios
在 TestFlight 上为我的 iOS 应用程序部署构建后,Apple 要求我填写“导出合规信息”以下问题:
Does your app use encryption?
Select Yes even if your app only uses the
standard encryption within Apple’s operating system.
我已经在 StackOverflow 上搜索了一些答案,但我的案例有点具体,还没有找到明确的答案。
我假设第一个问题的答案是肯定的。绝对是因为 Apple Keychain 本身使用加密。
如果我选择是,我将进入下一个问题:
Does your app qualify for any of the exemptions provided in Category 5,
Part 2 of the U.S. Export Administration Regulations?
Make sure that your app meets the criteria of the exemption listed below.
You are responsible for the proper classification of your product.
Incorrectly classifying your app may lead to you being in violation of
U.S. export laws and could make you subject to penalties,
including your app being removed from the App Store.
You can select Yes for this question if the encryption of your app is:
(a) Specially designed for medical end-use
(b) Limited to intellectual property and copyright protection
(c) Limited to authentication, digital signature, or the decryption of data or files
(d) Specially designed and limited for banking use or “money transactions”; or
(e) Limited to “fixed” data compression or coding techniques
You can also select Yes if your app meets the descriptions provided in Note 4 for Category 5, Part 2 of the U.S. Export Administration Regulations.
我假设我的应用程序是 c))
(c) Limited to authentication, digital signature, or the decryption of data or files
因此,对此的答案也是肯定的。
但是,我不确定这一点,并想知道您的意见,最好是简短的解释。
谢谢。
PS:我提供了有用的链接,它们帮助我了解如何提交自我分类报告:
https://kitefaster.com/2017/08/10/encryption-export-compliance-ios-apps https://simonfairbairn.com/bis-year-end-self-classification-report
cse*_*der 16
TestFlight 应用程序的规则与“真正的”AppStore 版本略有不同,但程序非常相似。
正如您所说,第一个问题是“您的应用是否使用加密?”即使您的应用仅使用 iOS 和 macOS / XCode 中的标准加密,您也应该选择“是”。
基本上:在这种情况下使用加密包括但不限于:
- Making calls over secure channels (i.e. HTTPS, SSL, and so on).
- Using standard encryption algorithms.
- Using crypto functionality from other sources such as iOS or macOS.
- Using proprietary or non-standard encryption algorithms.
美国政府将“非标准密码术”定义为任何“密码术”的实施,包括合并或使用专有或未公开的密码功能,包括未被正式认可的国际标准机构采用或批准的加密算法或协议。
您的应用是否符合美国出口管理条例第 5 部分第 2 部分中规定的任何豁免条件?
正如您所说,如果您不使用任何专有或非标准算法,则选项 C 通常是足够的并且是正确的选择。
顺便说一下,这是他们提到的“第 5 类注释 4”的链接。
当您将应用的最终版本提交到实际的 App Store 时,您将需要在 App Store Connect 中再次回答这些问题。
确定您的出口合规要求,等等,等等……
基本上,您可以在以下情况下说是:
Select "Yes" for this question if the encryption of your app is:
a. Specially designed for medical end-use
b. Limited to intellectual property and copyright protection
c. Limited to authentication, digital signature, or the decryption of data or files
d. Specially designed and limited for banking use or “money transactions”; or
e. Limited to “fixed” data compression or coding techniques
从这里开始通常没有问题,只要您通过内部测试等。导出/分发到App Store时按照提示操作即可。
请记住为您的构建更新您的 Xcode 设置。
顺便说一句:如有疑问,请咨询律师以获得法律指导!这只是我对这个过程的理解。