If I live in the US and put the perl RSA code in my sig, then post in an international newsgroup, have I illegally exported encryption? If I put that same code on my web site, then post requests to view my site in an international newsgroup, have I exported it? What is the penalty for exporting powerful encryption?