[DennisP]

Yes, that's the same link as above. Some restrictions:

> Militarized encryption equipment, TEMPEST-approved electronics, custom cryptographic software, and even cryptographic consulting services still require an export license.

However:

> the BIS must be notified before open-source cryptographic software is made publicly available on the Internet, though no review is required.

So you're free to publish open source cryptographic software on the internet, you just have to let them know you're doing it. Bernstein vs US is the reason for that.

[dcow]

Another interesting note is that encryption software used for the purpose of authentication and credential management is also exempt even if it's not open source. Otherwise most every app on the market would have to go through this process because of login flows.