Everyone assumes that this is just a "oh they should add an s to http:// issue.
If your iPhone application uses SSL, it becomes subject to US export restrictions on encryption.
Apple is the vendor of the apps, and is based in the US, so every app is subject to these regulations. Apple specifically asks if your application uses encryption when you submit it, and if so, some apps end up having to get U.S. government review and approval for sale outside the US before they can be added to the market.
It's really not that difficult to get certified for export as a mass market crypto product. We did this for SpiderOak years ago. Took about an hour and I think a small fee.
Also requires sending the NSA the source code, but we're shipping easily reversible Python anyway, so hardly a concern.
Also requires sending the NSA the source code, but we're shipping easily reversible Python anyway, so hardly a concern.