See also https://www.apache.org/dev/crypto.html
> I'm wondering if the Export Control note is needed as we don't include > theses (JCA & BouncyCastle) in our distributions. Any clue? We don't have any "encryption algorithm" in Zest code. We simply bind to external libraries (JCA & BC) and they are not included in the distributions. >From my point of view Zest don't need any export control notification. But I'd like to be sure before releasing 2.1.
