如何在我的应用中选择出口合规性? [英] How to pick Export Compliance in my app?

问题描述

我正在提交以供审核，但不确定 出口合规性问题 您的应用是否旨在使用加密技术，还是包含或整合了加密技术?(即使您的应用仅使用 iOS 或 macOS 中可用的加密，请选择是.) 我的应用中唯一的互联网功能是在第一个屏幕上使用 Facebook 登录供用户注册和登录.我使用 Firebase 作为后端.那么我需要选择Yes吗?

I am submitting for review and not sure about the Export Compliancequestion Is your app designed to use cryptography or does it contain or incorporate cryptography? (Select Yes even if your app is only utilizing the encryption available in iOS or macOS.) The only internet function in my app is using Facebook Loginon first screen for users to register and login. And I use Firebase as backend. So do I need to select Yes?

如果我应该为第一个问题选择是，那么第二个问题您的应用是否符合美国出口管理条例第 2 部分第 5 类规定的任何豁免条件? 我也应该选择Yes，对吧?谢谢！

If I should pick Yes for first question, then second question Does your app qualify for any of the exemptions provided in Category 5, Part 2 of the U.S. Export Administration Regulations? I should also pick Yes, right? Thanks!

推荐答案

如果唯一的用途是通过 https 连接到 Facebook，我会回答不.在 WWDC16 上，我专门向安全团队询问了两次这个问题，并被告知他们不认为 HTTPS 是针对此问题的加密.

If the only use is an https connection to Facebook I would answer no. At WWDC16 I specifically asked this question twice of the security team and was told that they did not consider HTTPS to be encryption for this question.

更多:

美国新法规于 2016 年 9 月 20 日生效.新法规取消了仅因为应用使用加密而注册的要求.

New U.S. legislation went into effect on September 20th, 2016. The new regulation removes the requirement to register your app simply because it uses encryption.

指向 2016-09-20 变更的一些链接:BIS 信息安全控制的变更带来了放松的控制，取消了注册要求 Dentons，美国实施加密产品、软件和技术的法规变更 Shadden，出口管理条例 (EAR) BIS.

Some links to the 2016-09-20 changes: Changes to BIS's information security controls bring relaxed controls, removal of registration requirement Dentons, US Implements Regulation Changes for Encryption Products, Software and Technology Shadden, Export Administration Regulation (EAR) BIS.

请注意，其他国家/地区也有涉及加密销售的法规，包括法国.

Note that other countries also have regulations covering sale of encryption including France.

这对回答 Apple 问题有何影响尚不清楚.如果我的应用直接使用加密(例如我的 API 直接调用 AES)，我会回答是"并提供上述信息.

How this affects answering the Apple question is unclear. If my app used encryption directly (my API calls directly to AES for example) I would answer "yes" and supply the above information.

免责声明:这不是法律建议.

Disclaimer: This is not legal advice.

这篇关于如何在我的应用中选择出口合规性?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！