Wednesday, August 09, 2006

Identity Provider Availability

This week, I went to create my 330th (yes, three hundred thirtieth) account on the internet. I had gone to register to attend a meeting and was forced to create an ID on ProtectNetwork (but at least the site I was trying to go to was willing to accept an ID from an IdP rather than creating a local ID as most other sites force).

After completing the registration form (not that much information, but it did have one of those pesky secret questions that I dislike so much), I clicked on Submit and got a "Service Unavailable" message that claimed it was because of maintenance or because of too much load.

Several attempts over a non-trivial amount of time to do anything, like log in or register, resulted in the same message.

That really irked me. An entity that wants to represent themselves as an IdP really needs to achieve close to 100% availability. Without such levels of availability we will never move away from local authentication at every party (and my 330 accounts will continue to grow and grow).

Looking around their site I found their SLA which stated:

99.9999% Network Uptime

9Star Research, Inc. guarantees that its ProtectNetwork.ORG identity provider and authentication network will be available 99.9999% of the time in a given month, excluding scheduled maintenance. Network uptime includes functioning of all network infrastructure elements including routers, switches, firewalls, intrusion detection devices and cabling.

9Star Research, Inc. Guarantee: Upon experiencing downtime, 9Star Research, Inc. will provide ....... to the customer.

While 4 9s of uptime is a laudable goal, I really, really, don't like the "excluding scheduled maintenance" clause as that just opens a door through which one can drive a truck.

I'm not trying to pick on ProtectNetwork, but rather using them as an example of what entities that want to be IdPs can't do if they want this IdP business to succeed. We have to design our systems so that there is no scheduled downtime. Yes, interruptions can occur because of problems outside of one's control. However, the basic applications must be designed so that they can be incrementally upgraded without the need for scheduled maintenance periods.

And, in closing, I do have to admit that after I wrote this, I went back to the site and was able to create my account.
