Does anyone know if there have been any major developments in the DSA patent issue in the past year? I've read that some large companies have used DSA in products without paying royalties to Bizdos, but they also have separate licensing deals for RSA itself. On another note, I would much appreciate advice on whether a product which does only signature verification using, say, DSA and SHA, would require ITAR export approval? I've read that the NSA has specifically stated that they are not concerned with products that cannot be easily used for privacy -- so would such a product (which can verify but not generate signatures) even be required to apply for an export license? Doug Cutrell doug@OpenMind.com ________________________________________________ fuck the Exxon Communications Decency ammendment