Hi! I'm busy working on a package manager for some platform. We want to sign packages for authentication, and use gpg to do this of course, but we're worried about US import/export laws regarding strong cryptography. Is it legal to import/export gpg to the USA? If so, what about commercial entities? Regards Abraham PS: Please reply to me directly or cc me at least - I'm not subscribed to the list.