Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

App Export Compliance using the Dropbox API

Tags:

cocoa-touch

objective-c

dropbox

app-store

encryption

This question (or variations of this question) has been asked before, but as Apple's export compliance rules change relatively frequently, and no one seems to ever get a straight answer, I thought I would ask.

I write an iPhone application that uses version 0.2 of the Dropbox API.

I have emailed Apple concerning use of this specific API, and I will be sure to update this question as I learn more and hear back from Apple. In the meantime, if any developer is using the Dropbox API in their iPhone application, did you mark your application as using encryption?

Edit: Upon closer inspection, it looks like the file data is also transferred using SSL. Since their API is using the NSMutableURLRequest class over HTTPS though, I still can't determine whether or not this API "uses encryption." If in the App Store submission page I mark that it does include encryption, Apple then asks if I'm using greater than a 64-bit symmetric encryption key.

like image 909
Craig Otis Avatar asked Jan 28 '11 21:01

Craig Otis

3 Answers

If your app uses SSL (HTTPS), then yes it does include encryption. The export compliance rules changed last year though, so you will need an Encryption Registration Number instead of a CCATS number. See this blog post for details.

like image 153
David Avatar answered Oct 31 '22 15:10

David

As it happens I'm working on this right now on a related project.

The Apple position is clarified in the FAQ in iTunesConnect; (my bold)

If your App contains, uses or accesses standard cryptography for purposes other than those listed in questions 2-4, you need to submit for an ERN authorization. Examples of standard encryption are: AES, SSL, https.

This authorization requires that you submit an annual report to two U.S. Government agencies with information about your App every January.

It's a pain in the neck, but that is the law if you want to be fully compliant. I'd love to hear that I'm wrong though!

PS. You could always ask for a direct opinion from the Government department concerned here;

http://www.bis.doc.gov/forms/rpdform.html

like image 3
Roger Avatar answered Oct 31 '22 17:10

Roger

You can also call the Bureau of Industry and Security help desk at 202-482-0707 or read the web site at http://www.bis.doc.gov/encryption for more information.

Discussing your question with a live person is probably going to be better than filling out the online form and waiting for a response.

like image 1
Michael Avatar answered Oct 31 '22 17:10

Michael
Sign in to Comment

Related questions

Writing a unit test to verify NSTimer was started
UIKit -[UIApplication sendAction:to:from:forEvent:] crash
A better way to animate resizing of UIView and subviews?
Detect when a second annotation is selected in a MKMapView
Present UIActivityViewController- LaunchServices:invalidationHandler called
Custom segue to a different storyboard
Write & call Swift code using Java’s JNI
Group by one property while retrieving more with core data
Making HTTPS request in iOS 9 with self-signed certificate [closed]
How to add the image to top-left corner of uicollectionView cell in ios?
Fabric failed to download settings Error Domain=FABNetworkError Code=-6
Get center points of a UIBezierpath
Swift package manager for objective c code
looping through uiimageview in customCell
UITableView reloadData crashes on reappearance in iOS 11
Calculating number of seconds between two points in time, in Cocoa, even when system clock has changed mid-way
Symbol Not Found, expected in Flat Namespace ObjC++
Where to store data in iphone?
QuickLook consumer as a delegate from an NSViewController
Random crash on iPhone OpenGL app when navigating

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!