RSA Data Security Inc. today announced it will make available -- for free -- software designed to prevent address spoofing on the Internet.
Called DNSsafe, the software is aimed at developers who may embed it in operating systems, routers, firewalls and networking software, RSA officials said.
"What we've got here is software that creates the ability to create and verify digital signatures," said Jim Bidzos, RSA president.
Digital signatures can be used to authenticate the source of electronic mail messages to prevent people from faking, or spoofing, their true identities or locations, Bidzos said. In addition, DNSsafe can thwart those who intercept a user's request to go to a given site, hoping to insert a decoy site where the user could be enticed to enter personal information such as a credit card number, according to Bidzos.
"It's clear that stopping domain name spoofing is important," Bidzos said.
DNSsafe works by using digital signatures to bind domain names to TCP/IP, the data transmission and error correction standards which permit the transfer of data from one Internet-linked computer to another. DNSsafe is designed to be part of the public-key infrastructure and is slated for fourth-quarter availability from the Internet Software Consortium at http://www.isc.org/, according to Bidzos. Because the software is for authentication, U.S. laws regulating the export of encryption software will not apply and the product should be available worldwide, he said.
Asked why RSA will license the software for free, Bidzos said doing so "will probably create many many more licensing opportunities for us."
RSA Data Security, in Redwood City, California, can be reached at +1-415-595-8782 or on the Internet at http://www.rsa.com/.