Hello all, I'm trying to figure out exactly what the laws are regarding the export of software which contains "hooks" for PGP. In various forms, I've heard that it's not the ITAR which prevents this, but more a "suggestion" by the NSA that we "shouldn't do it." Does anyone have any pointers to real legislation/laws regarding this? Also, since we all know that our gov't thinks it perfectly legal to export source code in hardcopy form (albeit with a license, right?) I was wondering... I've written a Unix e-mail client which contains support for PGP/MIME and also a front end for mixmaster. Right now I basically reap all the "bad" code before I distribute it (at _least_ 50% of my testers are outside the US). However, this has been annoying for those users because they want to be able to use the PGP support (so do I!). So, what I'm wondering is what the laws are regarding snail-mailing source code to these people. The actually pgp/remailer stuff isn't more than a few pages of code, which could easily be transcribed or scanned in with OCR software. Would I have to get a "license for export" in order to send the code outside the US? It's worth the $1.00 it would cost to do this if it really is legal... me -- Michael Elkins <me@cs.hmc.edu> http://www.cs.hmc.edu/~me PGP key fingerprint = EB B1 68 32 3F B5 54 F9 6C AF 4E 94 5A EB 90 EC