[OpenID] OpenId downtime

Martin Atkins mart at degeneration.co.uk
Sat Dec 8 10:53:23 UTC 2007 

Martin Fick wrote:
> --- Sakimura Nat <n-sakimura at nri.co.jp> wrote:
>> In XRDS, you can specify multiple service end
>> points with different priority, including OpenID
>> authentication.
> 
> Yes, but where does the XRDS reside, on a web page?
> If I host my own web page with an XRDS specification
> from my openids and this server goes down, I am 
> still SOL, not?  I think that you have just shifted
> the single point of failure from the openid to the
> XRDS host?
> 

I used to run my own email server, but I was unable to keep a high 
enough availability of service on my own server that I managed in my 
spare time, so I instead shifted to having someone else to run my email 
service for me. (Google, incidentally.)

I currently host my own XRDS document, but I do not host my provider. 
The XRDS document is a much simpler "service" to run, because it's just 
a static file. Having high availability on a static website is a much 
easier task, since you can spread load over multiple servers quite 
easily without any shared state between them.

I think the general answer is that you should host your identity URL and 
your provider(s) at places that you trust will provide high service 
availability. If you want to run it yourself, then that option is open 
to you, but no-one's saying that this is the *best* way to use OpenID; 
if you don't think you'll be able to keep up a level of service that 
suits your needs, you should get someone else to do it for you.

The advantage of open tech isn't that everyone can run their own 
services and it'll work perfectly, it's that you get the freedom to 
choose who provides your service. This is not limited to OpenID, but 
also extends to websites, email services, Jabber servers and so forth.

The freedom to choose is also the freedom to make bad choices, but 
people have managed to get along okay so far with these other services 
so I don't think OpenID is at any real disadvantage here other than that 
it's much newer and so the available pool of service providers isn't as 
large at this time. This will, if all goes to plan, change as the 
technology is adopted.

More information about the general mailing list