I am building iOS apps that use Bluetooth LE via CoreBluetooth and make calls over ATS/HTTPS, both of which make use of encryption, which requires a declaration in AppStoreConnect.
AppStoreConect then links to this document:
https://help.apple.com/app-store-connect/#/devc3f64248f
which states that for ATS/HTTPS or "encryption limited to that within the Apple operating system" (the latter should be applicable for Bluetooth), "No documentation required in App Store Connect.", but I should "Submit a Self Classification Report to the U.S. Bureau of Industry and Security (BIS) directly."
So I end up with "App Uses Non-Exempt Encryption : No" and tried to create such a report, which basically consists of a simple spreadsheet listing some product details, but now I am totally lost trying to figure out what to use for these three colums, in particular the first one:
ECCN | AUTHORIZATION TYPE | ITEM TYPE |
There are documents that discuss possible values for these entries, but they are harder to decypher than the crypto in question here...😕
Is there a simple table or official statement which tells what to use for the very basic case of an app that is exclusively using HTTPS and other built-in crypto, such as Bluetooth, Wifi, etc.?
Has anyone ever figured out the proper entries for this common case?