ICANN 14 Keyholders

Four times a year the seven key holders, who possess the codes to the world’s internet, meet to unlock the next three months of secure web use.

So, who controls the internet? The Internet Corporation for Assigned Names and Numbers (ICANN), which is a non-profit group that has been monitoring and securing the internet since 1998, the dawn of the modern domain name system (DNS).

DNS is like the internet’s phonebook, ICANN coordinates these “phone numbers” across the world. Without DNS, you’d have to type in a website’s long series of numbers such as “12.34.567.89” to access your desired content. With DNS, you’re able to just type in “http://icanhas.cheezburger.com/” and skip over the numerical hijinks.



To ensure the utmost safety of the internet, ICANN created seven keys that when put together, create a master key that could potentially shut-down or restart the world’s internet. The implications are massive, deadly even.

Say a dangerous intelligence organization or terrorist group were to gain access to the keys, they could literally control the internet. Our modern society has become so dependent on the internet, society would easily collapse, defense systems, government organizations, and peace-keeping organizations would fall apart.

To thwart this, ICANN has designated seven key holders for the east and west. ICANN hand picks the primary key holders from all around the globe, people who exemplify expert knowledge of the internet and devote their lives to protecting it. The organization makes sure to divvy up the keys as evenly as possible so no one country holds more power over another.

Each group of seven has their own respective backup key holders who contain smart cards with a portion of the code to generate a backup key. While these backup key holders don’t attend the quarterly ceremonies, they are required to send a picture of themselves, their smart card, and the day’s newspaper every ceremony date.

Just wait, things get weirder…

The Guardian’s James Ball was the first journalist ever to be allowed within the ICANN inner sanctum. His story can be found here, in which he recounts every detail of the lengthy ceremony and the cast of characters who hold the keys to the internet.

The key holders have to go through a 100 point check list to complete the ceremony, beginning with a series of security protocols: a pin code, smartcard, and a biometric hand scan. All this, to enter a tiny room that requires yet another sequence of security measures to enter another small room that looks like a break room from your favorite office-sitcom.

Eklund Löwinder, the Swedish key holder, told the Guardian, “It’s a system based on backups of backups, layers and layers of security,” The extent of which even requires an official recorder who attends the entire ceremony, keeping tabs on everyone and everything. “Of course it is a bit romantic and thrilling to be a part of this, because I am a romantic by heart. I have to admit I love the internet. It’s a piece of engineering art you have to admire. And to be able to contribute to make this a safer place makes me feel good.”

Eklund  Löwinder, the Swedish key holder.

Eklund Löwinder, the Swedish key holder.

The key holders and entourage of security personnel wait until the ceremony begins. At which point, they are led into the ceremony room after passing an advanced iris scanner. The small room holds two bolted down benches, two safes, and a desk surrounded by a couple chair. No electronics are allowed in the room, save for a dust buster to prepare for the ceremony.

The ceremony begins with each key holder inserting their smartcard inside a high-security machine which generates a long cryptographic code that will later be downloaded onto a flash drive, and then uploaded onto the internet.

The leader of the ceremony reads off a 64-character code, received by the key holders with nods as they verify the code created at the previous ceremony. Then, each key holder relinquishes their smartcard and waits for the machine to sign the new key. Two hours after the ceremony began, the new key is reborn to the sound of applause. New keys are issued to the key holders, and the leader of the group uploads the signed key to the internet, effective for three more months until the ceremony must begin again.

You might be wondering, is this really necessary? Do we really need a 100 point procedure, 14 key holders, 14 backups, countless safe rooms each with their own security protocols, and pages of cryptographic codes?

Yes. Without these protocols and brave men and women guarding the keys to the internet with their lives, well… you wouldn’t be able to read this blog right now, would you?