[OpenID] An OpenID "mobile" Hint?

[Martin Atkins]

Maybe I'm misunderstanding what you're looking at here, but surely 
anything that the RP can "see" to determine whether you're on a mobile 
device can also be seen by the OP? They're both just websites, after all.

Having the RP be responsible for switching on provider seems like the 
wrong approach to me. I'd rather just pick an OP that has good mobile 
support and know that it'll always work than have spotty support across 
RPs and never know quite what it's going to do. If your provider doesn't 
work well on your mobile device, you should switch to a provider that does.

What's the advantage of having the RP determine that you're "on a 
mobile" vs. the OP?



David Recordon wrote:
> In developing a mobile application that uses OpenID for logins one of  
> the things I've become really cognizant of is how poor of the mobile  
> experience most Providers have when it comes to OpenID.  It obviously  
> doesn't take a lot to create a streamlined Provider flow for  
> authentication and the trust request, but so far it seems that no one  
> has really done that.  I was also thinking more about Providers such  
> as YubiKey where authenticating with a USB device (despite how awesome  
> it is) won't work on my iPhone.
> 
> I'm wondering if it would be useful to write a dead simple extension  
> to provide some hints around mobile support?  Allow a Provider to  
> advertise in an XRDS file that they support a mobile login flow so  
> that Relying Parties could discover that theoretically making it so  
> that I could use a Provider such as YubiKey on the desktop and then  
> MyOpenID on the phone.
> 
> Am I barking up a useful tree?  If I spec'd this would any Providers  
> actually implement a mobile friendly flow?
>