Do I really need an ERN to publish an iOS in the app store?

Discussion in 'iOS Programming' started by davidbaker, Dec 10, 2015.

  1. davidbaker macrumors newbie

    davidbaker

    Joined:
    Dec 10, 2015
    #1
    I'm new to this forum, so I'm not sure if this is the correct place or way to ask. Forgive me if it's not. I have an app in the app store that uses the Flickr API and a friend of mine recently pointed me to this blog post about how if I use an API I need an ERN or something like that:https://carouselapps.com/2015/12/09/mac-ios-applications-breaking-rules-removed

    I asked the freelancer coder that built it for me and he said that he knew nothing about it. I'm confused. Is this true? do I need to get an ERN to publish an app in the iOS store when it's using the Flickr API?
     
  2. firewood macrumors 604

    Joined:
    Jul 29, 2003
    Location:
    Silicon Valley
    #2
    Depend on whether you have the word "need" defined by your lawyer, or by what 99% of iOS developers actually do to get their simple API-using iOS app successfully approved for App store distribution.
     
  3. 1458279 Suspended

    1458279

    Joined:
    May 1, 2010
    Location:
    California
    #3
    Apple app approval seems to be a hit and miss situation. It seems that some get by while others get rejected. Also, it seems the same is true for who gets taken down. Best to have all the bases covered if it's an important app.

    Someone posted a step-by-step for getting an app approved using crypto, but I don't have the link handy.
     
  4. PhoneyDeveloper macrumors 68030

    PhoneyDeveloper

    Joined:
    Sep 2, 2008
    #4
    What I read in that blog mentioned by OP is some opinion. Here's my opinion: You don't need an ERN for using https. You're wasting your time trying to get the ERN. Just submit the app when it's ready.

    I doubt most people reading this know what encryption is and I doubt any people reading this have ever written any encryption. rot-13 doesn't count.
     
  5. dantastic macrumors 6502

    dantastic

    Joined:
    Jan 21, 2011
    #5
    Most apps don't require the ERN. When you submit the app there are a bunch of exceptions to the ERN requirement. Just using HTTS or SHA... is not reason to require an ERN.

    Only if you use strong encryption. And if you do, you'll know you are.
     
  6. davidbaker, Dec 11, 2015
    Last edited by a moderator: Dec 11, 2015

    davidbaker thread starter macrumors newbie

    davidbaker

    Joined:
    Dec 10, 2015
    #6
    I suppose I care about "need" as defined by Apple and/or the US government. ;)

    I just had a talk with a representative from Apple. It took me a while to get someone on the phone but I finally managed and they said that using HTTPS is enough to require an ERN :( I don't know about SHA, I didn't ask, I don't know what that is. My developer says that we are using https, so, I better get an ERN.
     
  7. dantastic macrumors 6502

    dantastic

    Joined:
    Jan 21, 2011
    #7
    That's not correct, the person you spoke to could not have been familiar with the concepts.
    Everyone is using HTTPS. In iOS9 you must use HTTPS (there are ways around it but that's a separate note).
    An app should be rejected if it doesn't use HTTPS as a bare minimum.

    Read the exception criteria in the encryption section of the submission flow. Using HTTPS for communication with your backend is exempted.
     
  8. firewood macrumors 604

    Joined:
    Jul 29, 2003
    Location:
    Silicon Valley
    #8
    Unhelpful. Apple does not apply any particular definition consistently during actual app approvals or rejections. And the government lets courts decide, and there is no applicable court decision to be found that applies to you unless your lawyer says there is or is not.
     

Share This Page