Interruptions in authentication process

Alex Barth alex at developmentseed.org
Mon Jan 11 22:44:11 UTC 2010


In the course of ironing out workflows between an OpenID provider and
OpenID relying parties, I am facing usability problems that I'd like
to submit here to the attention of some more experienced OpenID
developers than I am.

I am interested in any feedback, pointers to existing conversations,  
sections in current and future specs that I may have overlooked etc.

Here is the problem: There are some actions that can occur during  
authentication where a user can fall through the cracks:

A. User is redirected with an authentication request from RP to OP,
requests a new password on OP, email client opens a different browser
for a one-time password reset link embedded in the email.
B. User is redirected with an authentication request from RP to OP, but
would like to log in with a different user than the one currently
authenticated on OP; user is logged out and the session is deleted.
C. RP offers OP as identity provider, user selects OP, is redirected
with an authentication request to OP. User does not have an account yet,
creates one, confirms the email address, but again, the email client opens
a different browser (similar to A).

In all of these scenarios the user's session and with it her  
authentication request is lost - the authentication process is stuck  
in its tracks.

Is the assessment of the problem flawed? Is there a solution in the  
specs that I am overlooking?

Thank you for your input.

Alex Barth
http://www.developmentseed.org/blog
tel (202) 250-3633
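One OP-side mitigation for all three scenarios, shown here as an added example (this is not code from the original post, nor from any OpenID library): persist the pending checkid_setup request server-side under an opaque, single-use, expiring token rather than in the browser session, put that token in the password-reset or email-confirmation link, and rebuild the redirect to the RP when the user comes back, even from a different browser or after logout. The store and the simplified realm check below are constructed for illustration (the names PendingAuthStore, handle_resume and the 15-minute TTL are assumptions); the realm matching is a reduced version of the OpenID 2.0 rules, not a complete implementation.

```python
import secrets
import time
from urllib.parse import urlparse

# Constructed example: a server-side store for pending OpenID authentication
# requests on the OP, keyed by an opaque token instead of the browser session,
# so the request survives a password reset in another browser (A), a logout
# to switch accounts (B), or account creation plus email confirmation (C).
# PendingAuthStore, handle_resume and the TTL value are hypothetical names/choices.

PENDING_TTL_SECONDS = 15 * 60  # assumed: a pending request is abandoned after 15 min


class PendingAuthStore:
    """Persist checkid_setup parameters independently of the login session."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable clock so expiry can be tested offline
        self._entries = {}       # token -> (expires_at, request params)

    def save(self, params):
        """Store the RP's request; return an unguessable token to embed in the email link."""
        token = secrets.token_urlsafe(32)
        self._entries[token] = (self._clock() + PENDING_TTL_SECONDS, dict(params))
        return token

    def resume(self, token):
        """Return the saved params exactly once, or None if unknown, expired or used."""
        entry = self._entries.pop(token, None)   # pop: a token can only be redeemed once
        if entry is None:
            return None
        expires_at, params = entry
        if self._clock() > expires_at:
            return None
        return params


def return_to_matches_realm(return_to, realm):
    """Simplified OpenID 2.0 realm check: same scheme and port, host matches
    (a leading '*.' in the realm matches the domain and its subdomains),
    and the return_to path is under the realm path."""
    rt, rl = urlparse(return_to), urlparse(realm)
    if rt.scheme != rl.scheme or rt.port != rl.port:
        return False
    realm_host = rl.hostname or ""
    rt_host = rt.hostname or ""
    if realm_host.startswith("*."):
        suffix = realm_host[1:]                  # ".example.com"
        if rt_host != suffix[1:] and not rt_host.endswith(suffix):
            return False
    elif rt_host != realm_host:
        return False
    realm_path = rl.path or "/"
    return (rt.path or "/").startswith(realm_path)


def build_resume_link(base_url, token):
    """Link placed in the reset/confirmation email; works from any browser."""
    return f"{base_url}?resume={token}"


def handle_resume(store, token):
    """Called when the user returns via the emailed link (or after re-login).
    Returns the stored request params to redirect back to the RP with, or None
    if the token is invalid or the stored return_to does not fit its realm."""
    params = store.resume(token)
    if params is None:
        return None
    if not return_to_matches_realm(params["openid.return_to"], params["openid.realm"]):
        return None
    return params


if __name__ == "__main__":
    store = PendingAuthStore()
    # constructed sample request as it would arrive from an RP
    request = {
        "openid.mode": "checkid_setup",
        "openid.return_to": "https://rp.example/auth/callback",
        "openid.realm": "https://rp.example/",
    }
    tok = store.save(request)
    print(build_resume_link("https://op.example/resume", tok))
    print(handle_resume(store, tok))      # the request, in a different browser
    print(handle_resume(store, tok))      # None: token already redeemed
```

The token does the work the session cookie cannot: because it lives in the link the user follows, the request is recovered regardless of which browser opens the email, and because the OP's store, not the session, holds it, deleting the session in scenario B does not discard it. Single use plus a short TTL limit what a leaked link is worth, and re-checking return_to against the realm on resume guards against the stored request being tampered with between save and resume.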