One third party: a tiny bit more complexity; Many: :-(

I didn’t find the most interesting part of the StackOverflow podcast #16 to be my question. I direct you to 17:06 in, where Jeff discusses the pros and cons of using OpenID as the authentication mechanism for StackOverflow:

Atwood: Granted, there’s a third entity here so there’s going to be a tiny bit more complexity.

What Jeff’s overlooked here is the Combinatorial Complexity; he’s not hooking up with an OpenID provider, he’s hooking up with all OpenID providers, which he acknowledged earlier can be a bit of a problem [34:48 in podcast #7]:

Atwood: Well you can, I found that Yahoo doesn’t really do attribute exchange very well.

If you look at the uservoice… forum… bug-reporting… suggestion-y thing for the StackOverflow beta, you see a lot of people complaining “my OpenID provider doesn’t work [at all]/[properly] with your site”.
OpenID has a spec, but given the difficulties being experienced, it mustn’t be terribly tight or there’s no reference implementation to validate against.

Having said all that, guess what I’m going to be using as my authentication process on my next website?