This seems to be for apps not able to use https and wanting to communicate with http.
My problem is not to use https, it works fine.
My problem is that if I declare that Im using HTTPS, here is what MAS says:
It is your responsibility to comply with export regulations, and you should revisit these questions if your encryption or exemption status changes. If your encryption and exemption eligibility stay the same, specify this in the target properties table in Xcode.
App Uses Non-Exempt Encryption : No
and
If you are making use of ATS or making a call to HTTPS, you are required to submit a year-end self classification report to the US government.
If this is the way to go I dont think Ill submit to MAS.
This process is not simple (I found this) and certainly not worth the time spent.
Set this to Yes only if your App uses encryption thats exempt from export compliance requirements and this does not apply to the use of the HTTPS Protocoll.
The question is still: does anyone do what is in the links from Sascha? I checked a couple of applications and none have the plist entries for encryption.
[quote]Use of encryption includes, but is not limited to:
Making calls over secure channels (i.e. HTTPS, SSL, and so on).[/quote]
It does feel new, but I haven’t submit anything to the MAS that uses the internet.
AFAIK, you only need to worry if you use encryption that the US Gov doesn’t like. If you use the functionality supplied by the OS you should be fine.
I say should, because there are many who have/do and don’t have a problem, but you can’t use that argument if your application gets rejected. If a reviewer thinks you’ve broken the rules, you’ve broken the rules until you can prove that you haven’t.
All out apps feature a system that uses the Xojo sockets (can’t recall which ones) to periodically connect via https to our server and check for new information. Again, it’s doesn’t mean that a reviewer who doesn’t like you app can’t create problems for you.
@Jeremie: [quote]sqlite encrypted databases[/quote]
Actually in these days I was going to submit to MAS a new desktop app containing a readOnly sqlite encrypted databases, and I was musing about the reviewer’s reaction to it.
Should I add the plist-snippet you provided?
ITSAppUsesNonExemptEncryption
From my experience with iOS apps, setting the plist entry mentioned in previous post is ok when using sqlite encryption.
But there is a big difference between iOS app reviews and Mac app reviews. For iOS, I believe the first reviewer does not have access to the app’s content. It is only if the app needs a deeper review that they have tools to download the app bundle onto a Mac and have a closer look to the files. But I may be mistaken.
When reviewing a Mac app, the reviewer can look into the app bundle and take a closer look to every file.