Discussion Board

Results 1 to 2 of 2
  1. #1
    Regular Contributor
    Join Date
    Mar 2003

    Failed QA due to encryption, USA distribution not allowed

    Hi group:
    When submitting our content we selected the following options:

    Does your content contain encryption? - Yes
    Does your content contain encryption used for authentication? - Yes
    Does your content contain encryption used for protection of data or information security purposes? - No

    Why would QA fail our content with the following description?

    ISSUE #1 Your submitted application failed as encrypted content is not permitted to be distributed in the United States of America. Please change the distribution and resubmit the item

    I suspect these questions (above) were taken directly from Apple App. Store, but there we always pass and are allowed for distribution in USA. Any ideas? Thanks in advance.

  2. #2
    Registered User
    Join Date
    Jun 2009

    Post Re: Failed QA due to encryption, USA distribution not allowed


    Please read the following article from Wikipedia on this subject:

    Article on Encryption Law


    The export of cryptography is the transfer from one country to another of devices and technology related to cryptography.

    Since World War II, many governments, including the U.S. and its NATO allies, have regulated the export of cryptography for national security considerations, and, as late as 1992, cryptography was on the U.S. Munitions List as an Auxiliary Military Technology. [1]

    In light of the enormous impact of cryptanalysis in World War II, it was abundantly clear to these governments that denying current and potential enemies access to cryptographic systems looked to be militarily valuable. They also wished to monitor the diplomatic communications of other nations, including the many new nations that were emerging in the post-colonial period and whose position on Cold War issues was regarded as vital[2].

    Since the U.S. and U.K. had, they believed, developed more advanced cryptographic capabilities than others, the intelligence agencies in these countries had a notion that controlling all dissemination of the more effective crypto techniques might be beneficial.

    The First Amendment made controlling all use of cryptography inside the U.S. difficult, but controlling access to U.S. developments by others was thought to be more practical — there were at least no constitutional impediments.

    Accordingly, regulations were introduced as part of munitions controls which required licenses to export cryptographic methods (and even their description); the regulations established that cryptography beyond a certain strength (defined by algorithm and length of key) would not be licensed for export except on a case-by-case basis. The expectation seems to have been that this would further national interests in reading 'their' communications and prevent others from reading 'ours'. This policy was also adopted elsewhere for various reasons.

    The development, and public release, of Data Encryption Standard (DES) and asymmetric key techniques in the 1970s, the rise of the Internet, and the willingness of some to risk and resist prosecution, eventually made this policy impossible to enforce, and by the late 1990s it was being relaxed in the US, and to some extent (e.g., France) elsewhere. As late as 1997, NSA officials in the US were concerned that the widespread use of strong encryption will frustrate their ability to provide sigint regarding foreign entities, including terrorist groups operating internationally. NSA officials anticipated that the American encryption software backed by an extensive infrastructure, when marketed, was likely to become a standard for international communications. [3] In 1997, Louis Freeh, then the Director of the FBI, said

    Law enforcement is in unanimous agreement that the widespread use of robust non-key recovery encryption ultimately will devastate our ability to fight crime and prevent terrorism. Uncrackable encryption will allow drug lords, spies, terrorists and even violent gangs to communicate about their crimes and their conspiracies with impunity. We will lose one of the few remaining vulnerabilities of the worst criminals and terrorists upon which law enforcement depends to successfully investigate and often prevent the worst crimes. [4]

    Others[who?] feel that the export controls in place in the last half of the 20th century discouraged incorporation of widely known cryptographic tools into commercial products, particularly personal computer operating systems, and are a root cause of the present crisis in information security, aside from interfering with U.S. trade in such products. They observe that many of the advances, including asymmetric key cryptography and many of its algorithms, were already public in any case.

Similar Threads

  1. Why don't S60 emulator loading?
    By K.John in forum Feedback - Nokia Developer Services & Infrastructure
    Replies: 9
    Last Post: 2009-08-11, 11:03
  2. QA failed: game N95 landscape not available
    By Lunaforte in forum [Closed] Publishing to Nokia Store
    Replies: 5
    Last Post: 2009-08-03, 23:21
  3. QA Problem - Failed Case 1: Expired Certificate
    By eBattalion in forum [Closed] Publishing to Nokia Store
    Replies: 9
    Last Post: 2009-05-14, 05:05
  4. Ovi QA : Failed Case NEC 1.2: Download/Install/Launch/Delete ??
    By kylom in forum [Closed] Publishing to Nokia Store
    Replies: 2
    Last Post: 2009-05-13, 14:12
  5. S60 2nd to 3rd/ PlatformSecurity / Capabilities
    By jarkoos in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 4
    Last Post: 2007-04-14, 14:08

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts