Sorry if this has already been overdiscussed.
(A) This issue has nothing to do with law. It's US Regulations
that are the issue. Regulations can be changed at a whim (and
this year, encryption is not a munitions issue but a commerce
issue).
(B) The regulations are totally ambiguous. For example, what's
being regulated are:
(1) "certain mass-market encryption software"
(2) "key escrow, key recovery and recoverable encryption software
and commodities."
(3) "non-recovery encryption items up to 56-bit key length des or
equivalent strength supported by a satisfactory business and
marketing plan for exporting recoverable items and services."
(4) "all other encryption items"
You might argue that linux is an encryption item. If so, you're
full of shit. http://www.eff.org/bernstein/Legal/961206.decision
for an example of what might happen if this ever goes to court.
-- Raul