Export compliance information for cryptography in iOS

120 views
Skip to first unread message

anand agarwal

unread,
Apr 7, 2021, 5:08:49 PM4/7/21
to Chromium-dev
Hi,

We are creating a third-party browser app for iOS, based on Chromium for iOS code. As we know, in order to distribute the iOS app via app store/test flight, App needs to follow export compliance review checklist/questions set by Apple, which basically refer if the app uses, accesses, contains, implements, or incorporates encryption, this is considered an export of encryption software, and is therefore subject to U.S. export and other country or region import compliance requirements.

Use of encryption includes, but is not limited to:

  1. Making calls over secure channels (i.e. HTTPS, SSL, and so on).
  2. Using standard encryption algorithms.
  3. Using crypto functionality from other sources such as iOS or macOS.
  4. Using proprietary or non-standard encryption algorithms. The U.S. Government defines "non-standard cryptography" as any implementation of "cryptography" involving the incorporation or use of proprietary or unpublished cryptographic functionality, including encryption algorithms or protocols that have not been adopted or approved by a duly recognized international standards body ( e.g., IEEE, IETF, ISO, ITU, ETSI, 3GPP, TIA, and GSMA) and have not otherwise been published.
I know the chromium app for iOS is using #1, but not sure about the rest of the points.  So can u help us to come to know that if the Chromium Source code base is using any points from #2 to #4 in any form, if Yes what is the purpose and place of using it.

Regards,
Anand Agarwal

Ryan Sleevi

unread,
Apr 7, 2021, 5:40:30 PM4/7/21
to anand.i...@gmail.com, Chromium-dev
Unfortunately, we are unable to assist you in understanding any compliance or regulatory requirements.

You will (unfortunately) have to examine the code you're including to determine the answer for that.

--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/6e7a5616-0705-43d8-afa1-f59ab5329b46n%40chromium.org.
Reply all
Reply to author
Forward
0 new messages