> I'd much rather have vendors say they don't support ESP (or that > they have two versions of IPsec, one domestic and one exportable), > than them claiming they support "a version of ESP that is almost as > secure as the standard says, and it's exportable!". Right. That's a much clearer expression of my opinion on the subject than I've been able to manage to date.. - Bill