When submitting an app (created with Cordova and XCode) for iTunes, I'm asked "Is your app designed to use cryptography or does it contain or incorporate cryptography?" My app uses the jquery $.get statement to pull files from a https URL and also uses the cordova-plugin-media plugin to access files with an https URL. If it is only accessing files on a secure site, I'm not sure if this applies to export compliance and cryptography.
Apple gives this link, but it doesn't clarify my question. https://www.bis.doc.gov/index.php/policy-guidance/encryption/4-reports-and-reviews/a-annual-self-classification
I'm still not sure if encryption is built in to the plugin or Cordova app automatically since I am accessing an external https resource, or if simply accessing a URL that is https through the app qualifies as use of encryption.
Related article: iTunes connect encryption info
If I select "Yes" to "Only makes calls over HTTS" I get this statement, which appears to indicate I still need to submit a year-end self classification report because I'm getting a file on an https website?
"If you are making use of ATS or making a call to HTTPS, you are required to submit a year-end self classification report to the US government."
Should I just change my calls to be http instead? But the website redirects to https.
Another related link which I can't understand completely: Does my application "contain encryption"?
