The Guardian has an interesting story on the Seven People Who Hold the Keys to the Internet. Actually, there are 21 people but only 14 hold keys, the other seven hold code that can be used to recreate the key generation machine.
What’s going on here, really? The key in question is the private key to the DNS system that authenticates the database. If you’re like me, you think, “Well, what’s so difficult? You generate a random key pair and publish the public key while signing the database with the private key.” As usual, the problem is mostly political. How can we trust person X or country Y not to mess with DNS and route connections somewhere other than where the user intended. In view of Snowden’s revelations, these concerns seem less tin-foil-hat than they would have a year ago.
To make everyone feel more comfortable, the seven keyholders have access to smartcards that are used to generate a new master key every 3 months. The key holders come from multiple countries representing a cross section of the world. Read the article to see how complicated the protocol is to ensure that no one can corrupt the process.
I’ve spent most of my professional life dealing with computer communications and the Internet but I’ve never heard of this before. If you’re interested in how the Internet actually works or if you’re a James Bond fan, give this article a read. You won’t be disappointed. Also be sure the watch the video.