Well, IMNAL, but laws seem to imply that developing, supporting and distributing cryptographic solutions without appropriate FSB-provided license is banned, although I never heard anyone had issues with hosting, say, Debian mirror with GnuPG and OpenSSL, or adding TLS support to some product. But it may be well possible that laws are there but it's just that no one cares to enforce them.
On the other hand, use is legal, except if user is state-owned and municipal corporations. Those must use only FSB-licensed solutions.
"In some countries it may be illegal to use any encryption at all without a special permit."
That warning was added to the description for a reason.
As for hosting, there was a huge issue originally with the export of cryptographic software, which led to the creation of Debian's "non-us" archive of software that had to be hosted outside the US. That got solved once it was possible to distribute such software with a notification requirement. See https://lists.debian.org/debian-devel-announce/2002/03/msg00... for the long and storied history.
Why would the Russian government want to ban encryption they can't break? Can't imagine.
More seriously, I assume there's a longstanding suspicion that any Western encryption technology has been engineered to be vulnerable, which isn't totally paranoid.
