Is OpenID Inherently Flaky?
The idea behind OpenID is really interesting to me. I’ve long had a password scheme that allows me to generate, and usually remember, a unique password for every website for which I have an account, but I’d gladly use that brain-space for more important things. However, if I am going to set up and use a new universal identity, I’d like to host that identity on my own server.
It’s with that in mind that I’ve tried a number of OpenID servers along the way and every time I’ve walked away disappointed. Most of the time I chalked it up to immature server implementations by people still trying to figure out the ins and outs of the technology but now I have a new question.
Movable Type 4.0 came with an OpenID server included in the extras folder of my installation so I thought - finally I’ll be able to use OpenID. Six Apart was one of the key architects of OpenID and as such they should have a pretty good idea how to write a server. But I’m having the same issues: some sites silently fail to accept my OpenID without any indication of what might have gone wrong, others say they can’t find my OpenID end-point, but confusingly others accept it without blinking.
What is at the root of this flakiness? Is the technology still that immature that some of the web’s largest sites can’t figure out how to implement it? Or is there too much ambiguity in the spec allowing for differing (and incompatible) implementations? Whatever the reasons, until OpenID Just Works™ it will be little more than a web-geek’s curiosity.
Here are a few of the sites that do not work with my Movable Type endpoint:
And a few places I can sign in:
Todd Sieling, product manager at Ma.gnolia just called me on this very vague “bug report” (and rightfully so) saying, “Unfortunately [your blog post] didn’t provide any details about what actually happens when you try to sign in. Are you getting the same problem with each of the services where you had trouble? Only if we have some kind of clue can we start to help you, but we will do what we can to get it fixed.”
So here are the error messages I get from the four websites that fail to accept my OpenID:
While I am someone who appreciates clever copywriting, tracking these down did make me wish for those classic HTTP errors. A simple 404 from each of these would have clarified that all of these were the same error - as it stands I’m only guessing that they may all be unable to “find” my OpenID server.