Comments on: OpenID’s one big weakness http://arapehlivanian.com/openids-one-big-weakness/ Web Standards, Web Culture, Web Everything.™ Sun, 25 Sep 2011 04:23:30 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Will Norris http://arapehlivanian.com/openids-one-big-weakness/comment-page-1/#comment-8093 Will Norris Mon, 05 Mar 2007 23:26:34 +0000 http://arapehlivanian.com/2007/03/02/openids-one-big-weakness/#comment-8093 There are a couple of solutions to this single point of failure. One that has been discussed on a couple of blogs recently, would be for relying parties to enable you to tie multiple OpenIDs to a single account at the given service (like Magnolia and ClaimID currently do). Of course this would require that you manually link those OpenIDs at each service, which is certainly less than idea. The other option is to do OpenID delegation using XRDS, which allows you to specify multiple delegates in a priority order (my XRDS for example -- http://willnorris.com/xrds.xml). In my case, if MyOpenID is down for whatever reason, the relying party would automatically fail over to livejournal. Of course there is still a single point of failure -- the server hosting my XRDS file (but we all know that DreamHost is rock solid. *cough*). There is a bit of discussion happening right now about how to represent the fact that multiple OpenIDs refer to the same person and should therefore be interchangeable. If this can be achieved in some kind of decentralized way, it may be possible to eliminate the single point of failure. There are a couple of solutions to this single point of failure. One that has been discussed on a couple of blogs recently, would be for relying parties to enable you to tie multiple OpenIDs to a single account at the given service (like Magnolia and ClaimID currently do). Of course this would require that you manually link those OpenIDs at each service, which is certainly less than idea.

The other option is to do OpenID delegation using XRDS, which allows you to specify multiple delegates in a priority order (my XRDS for example — http://willnorris.com/xrds.xml). In my case, if MyOpenID is down for whatever reason, the relying party would automatically fail over to livejournal. Of course there is still a single point of failure — the server hosting my XRDS file (but we all know that DreamHost is rock solid. *cough*).

There is a bit of discussion happening right now about how to represent the fact that multiple OpenIDs refer to the same person and should therefore be interchangeable. If this can be achieved in some kind of decentralized way, it may be possible to eliminate the single point of failure.

]]> By: Ian Muir http://arapehlivanian.com/openids-one-big-weakness/comment-page-1/#comment-7940 Ian Muir Fri, 02 Mar 2007 22:47:15 +0000 http://arapehlivanian.com/2007/03/02/openids-one-big-weakness/#comment-7940 I'd have to say that this is the main reason I haven't implemented OpenID yet. I had a similar issue when I signed up with my OpenID. I tried voting in a Jyte poll and could not login because I had made an error in the sign up process. I'd hardly like entire applications to go down if my OpenID server is not working. Login failing for Jyte is an inconvience, if I start using OpenID to login to my email that's a major problem. So, I'm not planning on implementing anything important until there's a better contingency plan. I’d have to say that this is the main reason I haven’t implemented OpenID yet.

I had a similar issue when I signed up with my OpenID. I tried voting in a Jyte poll and could not login because I had made an error in the sign up process. I’d hardly like entire applications to go down if my OpenID server is not working.

Login failing for Jyte is an inconvience, if I start using OpenID to login to my email that’s a major problem. So, I’m not planning on implementing anything important until there’s a better contingency plan.

]]>