French Encryption Import Compliance

gistfile1.md

Starting in the first week of July, apps that meet the following criteria are required to comply with French Encryption Laws/Regulations if you intend to distribute your app in France.

This requirement applies to apps that use, access, implement, or incorporate:

1. Any encryption algorithm that is yet to be standardized by international standard bodies such as IEEE, IETF, ISO, ITU, ETSI, 3GPP, TIA, etc. or not otherwise published; or
2. Standard (e.g., AES, DES, 3DES, RSA) encryption algorithm(s) instead of or in addition to accessing or using the encryption in iOS and/or Mac OS X

Apple will require you to upload a copy of your approved French declaration when you submit your app to the App Store. Relevant French encryption regulations can be found at:

• http://www.legifrance.gouv.fr/affichTexte.do?cidTexte=LEGITEXT000005789847&dateTexte=#LEGIARTI000006421577
• http://www.ssi.gouv.fr/archive/fr/reglementation/regl_crypto.html
• http://www.ssi.gouv.fr/site_article195.html
• http://www.ssi.gouv.fr/site_article197.html

Regards, Apple Export Compliance

Links are outdated

@bcipolli I have found this one by googling: https://www.ssi.gouv.fr/uploads/2015/03/ANNEXE-I.pdf

The official French link is broken too in there website.

When inspecting their website I see the the link points to `/uploads/2014/11/crypto_declaration-demande_autorisation_operations_annexe1_v2.pdf``

While my first link is from 2015

I'm not 100% sure my link is the proper one but it seems to be. I have contacted them by the way

If i read the law correctly, this only applies to encryption that are not stricly for Authentification or Integrity Check (e.g. Https)

@Arnaud-Albrecht But it still requires me to provide a document here, does anyone know how this has to look? I explicitly checked that we are only using default encryption algorithms like rsa, etc.