Monday, November 26, 2007

One of the many problems of OpenID

I have just come back from a short trip, which has given me some space off work and had some time to start thinking about getting things done.

So, one of the very first actions is to get into Issues Done then realized I could not login as my OpenID server -- Videntity is either down or gone.

Stefan Brands wrote a good entry to discuss about the problems of and with OpenID. Do check it out.

The model of OpenID suggests a decentralized approach which arguably is its strength and at the same time its biggest weakness. The service is no longer dependent on just the service provider but also the external authentication service provided by a third party.

Ideally, if all servers are available, everything works in yours and the dreams' favor. But at this moment, I am totally prohibited to enter any of my sites registered under my OpenID. How bad it is?

- yc, pffft


Will Norris said...

I am annoyed by this scenario as well, but for a different reason. OpenID supports delegation which allows you to use a URI which you do control (like your personal blog for example) as your OpenID and then delegate that to another service. If that service drops off the face of the earth, or the grass simply looks greener elsewhere, you simply change where you delegate you OpenID to. My annoyance is that I don't believe the OpenID community as a whole as promoted this feature like it deserves.

Carsten Pötter said...

I second Will's comment. If you have control over a website delegation should be the preferred method of using OpenID. It makes testing new OpenID providers also rather easy and users won't lose profile data et al at their favourite relying parties.