Meet the people who hold the keys to worldwide internet security via @stephane
The Guardian | James Ball 28/02/2014
Voilà la cérémonie qui a lieu tous les trois mois, pour s’assurer de l’intégrité du #DNS ; apparemment l’#Icann prépare un nouveau système de vérification (d’ici trois à cinq ans), qui rendra la perte ou la corruption de la « clé maître » beaucoup plus dangereuse pour la #sécurité de l’#Internet.
It might be a fairly typical office scene, were it not for the extraordinary security procedures that everyone in this room has had to complete just to get here, the sort of measures normally reserved for nuclear launch codes or presidential visits. The reason we are all here sounds like the stuff of science fiction, or the plot of a new Tom Cruise franchise: the ceremony we are about to witness sees the coming together of a group of people, from all over the world, who each hold a key to the internet. Together, their keys create a master key, which in turn controls one of the central security measures at the core of the web. Rumours about the power of these keyholders abound: could their key switch off the internet? Or, if someone somehow managed to bring the whole system down, could they turn it on again?
The keyholders have been meeting four times a year, twice on the east coast of the US and twice here on the west, since 2010. Gaining access to their inner sanctum isn’t easy, but last month I was invited along to watch the ceremony and meet some of the keyholders – a select group of security experts from around the world. All have long backgrounds in internet security and work for various international institutions. They were chosen for their geographical spread as well as their experience – no one country is allowed to have too many keyholders. They travel to the ceremony at their own, or their employer’s, expense.
What these men and women control is the system at the heart of the web: the domain name system, or DNS.
#cybersécurité surtout donc (et #spectacle de... dixit Bruce Schneier : « This process is both technical and political, which makes it extra complicated… ») un peu de #NSA et de #gouvernance_internet aussi.
Hier j’ai écrit un truc sur la #résilience (que j’ajouterai ici quand il sera en ligne), mais cet article m’avait échappé, too bad.
The east and west coast ceremonies each have seven keyholders, with a further seven people around the world who could access a last-resort measure to reconstruct the system if something calamitous were to happen. Each of the 14 primary keyholders owns a traditional metal key to a safety deposit box, which in turn contains a smartcard, which in turn activates a machine that creates a new master key. The backup keyholders have something a bit different: smartcards that contain a fragment of code needed to build a replacement key-generating machine. Once a year, these shadow holders send the organisation that runs the system – the Internet Corporation for Assigned Names and Numbers (#Icann) – a photograph of themselves with that day’s newspaper and their key, to verify that all is well.
Elles sont 21 en tout, trois groupes de sept, avec un minimum de trois personnes d’un même groupe réunies physiquement pour chaque « cérémonie » :
All but one of the 21 keyholders has been with the organisation since the very first ceremony. The initial selection process was surprisingly low-key: there was an advertisement on Icann’s site, which generated just 40 applications for 21 positions. Since then, only one keyholder has resigned: Vint Cerf