To start, I don't hate the idea of OpenID, I'm just passionate in my reasonings. As with everything else.
It has been noted by various people, various people I will quote as soon as I can find them again, that OpenID is a nifty idea with many logic holes. And I personally get stuck on the DRM issue. For those that don't get what I'm saying, I'll lead you.
OpenID is open source and can be installed on any server anywhere with no restrictions, it's "open" after all. You then can host anyone's account information for any server that supports OpenID. When logging into an OpenID-enabled site, you just redirect them to the proper URL. You log in with one username/password, and bam, you're in.
Until your favorite Satellite OpenID server dies. See, as stated numerous times on the OpenID website, all OpenID servers are decentralized. Meaning no connection to any other OpenID server. Meaning that when the user of a particular Satellite OpenID server goes bankrupt, gets busted for pirating the entire collection of Britney Spears, or just decides to throw the dead switch, your account is now gone.
And any account that relied on it is now useless. This is where an OpenID supporter will say, "But you will just use your original login information to log in." And I would reply, "SO WHY DID I USE OPENID IN THE FIRST PLACE IF I HAD TO REMEMBER MY ORIGINAL PASSWORD?!" Seriously though, isn't having to remember only one set of account information the whole idea of OpenID? Why yes it is!
Therefore this is PassworDRM. Just like when a music DRM server goes down, you lose your music. If an OpenID server goes down, you lose your OpenID account. Man, you would think a FOSS operation would know better.
What's to do about this conundrum? Well, a central server system! Something that the Satellite OpenID servers are instructed to communicate with and send back encrypted account information so that you would never lose your OpenID account.
How it would work
- You go to login at X site.
- You click on the OpenID link. You can either specify the URL of your favorite Satellite OpenID server, or let OpenID.net send you to a random Satellite OpenID server.
- Log in.
- The Satellite OpenID server will send a small packet back to the OpenID server, checking the hashes of the accounts to make sure it hasn't changed.
- If the account has changed, or was never on the Satellite OpenID server, that information is now sent to it to be kept until the garbage collection date is reached.
- The Satellite OpenID server will then check the user's supplied information about the account against that which it has within its database. The pass/fail is sent back to the server.
- Done.
That's it. Some developers would point out that this takes longer than normal to process. But yes, that's what happens when you use at least three different servers handled by three different groups. It isn't any better with two servers and two groups, but at least my one password works literally at every Satellite OpenID server that wasn't modified stupidly by its maintainer. Another benefit is that the burden is on the central OpenID server to maintain the account information indefinitely, not the individual satellite servers. Which is AS IT SHOULD BE. The satellites would only keep passwords while they are being used, if someone didn't use a password for three months, it would be deleted from the cache without worry of losing that account forever.
I would also have it so you only changed your password on OpenID.net. Why? So that you could have a hash that would be used by the satellite OpenID server to quickly determine if the account information has changed. Then the satellite would update its database with the new information.
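The proposed flow, sketched as an added example (it is not code from OpenID or from this post). The `Central` and `Satellite` classes, the PBKDF2 verifier standing in for the "encrypted account information", and the 90-day cache lifetime are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

CACHE_TTL = timedelta(days=90)   # the post's "three months" of non-use
ITERATIONS = 100_000             # assumed PBKDF2 work factor

def make_record(password):
    """Salted, slow verifier: what the central server keeps and ships out."""
    salt = os.urandom(16)
    return {"salt": salt,
            "verifier": hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)}

def record_hash(rec):
    """Short fingerprint a satellite compares to ask 'has this account changed?'"""
    return hashlib.sha256(rec["salt"] + rec["verifier"]).hexdigest()

class Central:
    """Hypothetical central server: the only place a password is ever set."""
    def __init__(self):
        self.accounts = {}
    def set_password(self, user, password):
        self.accounts[user] = make_record(password)
    def current_hash(self, user):
        rec = self.accounts.get(user)
        return record_hash(rec) if rec else None
    def fetch(self, user):
        return dict(self.accounts[user])

class Satellite:
    """Hypothetical satellite: a cache of records, revalidated on every login."""
    def __init__(self, central):
        self.central, self.cache = central, {}
    def login(self, user, password, now):
        fresh = self.central.current_hash(user)
        if fresh is None:
            return False                     # account unknown to the central server
        entry = self.cache.get(user)
        if entry is None or record_hash(entry["rec"]) != fresh:
            # Missing or changed: pull the current record from the central server.
            entry = self.cache[user] = {"rec": self.central.fetch(user)}
        entry["last_used"] = now
        rec = entry["rec"]
        attempt = hashlib.pbkdf2_hmac("sha256", password.encode(), rec["salt"], ITERATIONS)
        return hmac.compare_digest(attempt, rec["verifier"])
    def collect_garbage(self, now):
        stale = [u for u, e in self.cache.items() if now - e["last_used"] > CACHE_TTL]
        for u in stale:
            del self.cache[u]
        return stale
```

Every satellite that caches a record is one more place it can be copied for offline guessing, which is why the sketch ships a slow salted verifier rather than the password itself.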
Why is this a better idea? Because it allows for the entire system to work with one server or a billion servers. As OpenID is made more popular, they will get funding from the big companies, therefore the cost argument of running the central server is moot. (A side note to OpenID, if AOL isn't giving you any money to further development, you've failed yourself) It's better because my account truly will be one account that won't die because my original OpenID host liked to download movies a little too much.

You've brought up a good point. OpenID is susceptible to failure, just like anything else. If your OpenID URL and/or provider is unreachable, for whatever reason, you will be unable to use it to log in.
This is why it's important to choose your OpenID URL very carefully. Preferably, it should be a domain you own. If you don't want to go through the trouble of buying a domain and/or getting hosting, you should choose someone you trust to host your OpenID for you. There are several large established companies you can choose from including Yahoo, AOL, and VeriSign.
For example, my OpenID URL is kylemulka.com. I own the domain. I don't own the physical hardware that hosts the domain, but if my hosting provider ever goes down, I can switch to a new hosting provider by changing the domain's DNS. I use the delegation feature of OpenID to use LiveJournal as my OpenID provider. So, if the company that runs LiveJournal goes out of business, I can still keep my kylemulka.com identity by just changing some HTML on my home page to point to a different provider. Heck, I can change this HTML whenever I feel like it. I could even set it up (with some PHP code) so that it round robins between three different OpenID providers every minute.
Comment by Kyle Mulka — May 27, 2008 @ 12:04 pm
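Added example, not part of the comment above: how a relying party reads the delegation HTML that the comment describes, using the `rel` values from OpenID 1.1 and 2.0 HTML discovery. The two pages and every URL in them are constructed; only `<link>` tags inside `<head>` are honored, so markup injected into the page body cannot redirect the identity.

```python
from html.parser import HTMLParser

# rel values defined for HTML-based discovery in OpenID 1.1 and 2.0
RELS = {"openid.server", "openid.delegate", "openid2.provider", "openid2.local_id"}

class _HeadLinks(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_head = False
        self.found = {}
    def handle_starttag(self, tag, attrs):
        if tag == "head":
            self.in_head = True
        elif tag == "body":
            self.in_head = False              # tolerate a missing </head>
        elif tag == "link" and self.in_head:
            a = dict(attrs)
            # rel may carry several space-separated values on one tag
            for rel in (a.get("rel") or "").lower().split():
                if rel in RELS and a.get("href"):
                    self.found.setdefault(rel, a["href"])
    def handle_endtag(self, tag):
        if tag == "head":
            self.in_head = False

def discover(html):
    """Return {rel: href} for the OpenID link tags found in <head>."""
    parser = _HeadLinks()
    parser.feed(html)
    return parser.found

# Constructed identity page delegating to provider A (OpenID 1.1 tags).
PAGE_BEFORE = """<html><head>
<link rel="openid.server" href="https://provider-a.example/openid/server">
<link rel="openid.delegate" href="https://alice.provider-a.example/">
</head><body>
<link rel="openid.server" href="https://untrusted.example/server">
</body></html>"""

# Same identity URL after the owner edits the HTML to point at provider B.
PAGE_AFTER = """<html><head>
<link rel="openid2.provider openid.server" href="https://provider-b.example/endpoint">
<link rel="openid2.local_id openid.delegate" href="https://provider-b.example/u/alice">
</head><body></body></html>"""
```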
Not all OpenID supporters are as diligent as you, just like Microsoft was not very diligent with their PlaysForSure DRM service.
The problem with your approach is that you should not have to build redundancy for such a simple procedure as logging in. More to the point, you PERSONALLY should not have to. OpenID should have built in redundancy from the ground up so that it wouldn't matter how many Satellite OpenID servers came or left you would still have one login wherever you went.
(However, note I'm not knocking your ideas. They are similar to what I would do if I were forced to use OpenID.)
If an OpenID satellite fails, your account is lost, no recourse. If a non-OpenID site fails, you just need to wait until the site comes back. Or at the very least, if the site fails, you at least expect your login not to work.
Expectation of success is the worm in OpenID's platform. It isn't like many of the smaller OpenID satellites will advertise their departure and you'll likely find out when trying to log in to update your LJ (for the moment, going on the assumption you didn't use your own OIDS). Users will scramble to remember their original password, and wonder in anger why they decided to use OpenID in the failure.
Comment by Sold Out Activist — May 27, 2008 @ 12:29 pm