[OpenID] Too many providers... and here's one reason

[SitG Admin]

>>  We are miscommunicating here. You are making a security argument, and
>>  I'm making a software architecture argument.
>
>No. I am saying that if the user experience is not to change then you
>are severely restricted in what you can do.

Neither of your posts leave me with a solid idea of what "user 
experience" means here. When a site I'm visiting has a new 
certificate, and I get asked to confirm it, but I have to click my 
mouse 2 or 3 times to actually see the signature, is that a unique 
enough "user experience" that giving me all the information up-front 
would qualify as a different user experience? If the OP upgrades and 
suddenly starts asking me to place my thumb against a biometric 
reader they sent me, in addition to entering a password like before, 
is this a change in "user experience" even though the redirection 
between OP and RP in my web browser remains the same?

-Shade