I was facing the same problem with MeePasswords.
I wrote an e-mail to developer.support@nokia.com asking for advice and they sent me these links:

http://www.bis.doc.gov/encryption/enc_faqs.htm
http://www.bis.doc.gov/encryption/742supp5.pdf
http://www.bis.doc.gov/encryption/question2.htm
http://www.bis.doc.gov/encryption/decision_tree.pdf

In general they were very helpful and even offered further assistance with this process.


Personally I found the decision tree very helpful: http://www.bis.doc.gov/encryption/decision_tree.pdf
With this you can easily identify what regulation applies to your software.
In my case, as MeePasswords is Open Source, I chose the option "Self Classify as 5D002. See License Exception TSU (740.13(e)) for notification requirement".
According to 740.13(e) http://www.gpo.gov/fdsys/pkg/CFR-200...-sec740-13.pdf I then send a notification to crypt@bis.doc.gov and enc@nsa.gov
I then attached a printed PDF of this notification e-mail via the form in the Nokia store. I am still waiting for response from the Nokia store QA. I will let you know how it worked out.

Please note that this is just my personal experience and no legal advice. You are still responsible to check everything yourself. However, I hope that these pointers are useful for some of us.