-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US regulations require US based organizations to register any open-source encryption source code. The requirements are quite minimal. I talked to a BIS support specialist in encryption, and she had me send an email to the two required email addresses (crypt@xxxxxxxxxxx, and enc@xxxxxxx), stating the URL's where we host open-source encryption code (our github site). I stated that I do not have the right to speak for anyone else in the project, but I do believe that since I sent this email, no one else in the US is required to. I'll take responsibility for this, and you guys can blame me if there's any mistake in BIS registration :-) So, in short, don't worry about it. It's a bunch of legalese, but the upshot is we're covered. I do need to re-register by email when we post new binaries on our site, or when we add significant new encryption algorithms. Remind me in case I forget :-) Just in case we have any NSA or GCHQ plants in the project, I hope you enjoy the eamil :-) I requested your help in QA. We certainly don't want any Chinese back doors getting through. Bill -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJTtF5kAAoJEL9an3rWhBk+TOUP/0Jn05a/ZLv0okT8E5f/ecLZ ATksihpe/8MPfNOPann4Y7eDGA7CUo/KdBaNMgHdtJmoRS9KUCYXFPw8SEOx5oR6 SZXKZP2Sgy2c2thrnO4FUTMvGO7lmy3FzKqpRCrqlyxkcArJtcAmeO8j27viuy94 eFVhy5wY3gUlMNMZ8Yh3345AKB/QsqxLv/1NShC+BqI11en5uMA7vfrKs14qN9md YPv9n/iwdxq85WfzniaVOxYq7f6ldYOMQVf/LeDOaSunRruXz91GjzFozCDQfwh9 ro/J/iR614c6WS4gA7uLA9VVDBPQmeQs1ztUFTdY+Twd+BOjIo8MwcdG9VOy0fQI aNaYAbPPIW/4XL9J+loE3pYkbHTYkuwJfkko69nbP+x3J/PWZAv5bQJnPQBvVlLk 2KJNxIJdY+L8T81ZWRDTiW/4MFBEdUB2Kc3fbB4PcnbmGsoUtiB5hNZvvJ6NzCYl drcV/QRYoclf/N6xTWjSz/94UUcftp+MMrggbxp3Qfsn5ZBtQtNMBCKw+t/45fLI 8pr6QmDwrDpGMuMnYduI8UoDSqya7uYDFo030SlYLGqgoBqprQuIlNdmXaFlAez9 X+oSJM76WXpPJbEQBDXi6/1GcexN2VkDZNT11GYi/CyYOom7A4a1oZn1M0HDBst6 ztdKBbBABF88bVZw0CTw =6QoD -----END PGP SIGNATURE-----