Making the browser OpenID-aware

Dion Almaer writes on Ajaxian:

If a site groks OpenID the browser should be able to pass that over without having me intervene at all. It could hide the entire login process if we came up with a microformat to let all sides know what is going on. (OpenID and OAuth in the browser?)

Singularity is going to have OpenID as the only means of logon/registration but OpenID is far from perfect; especially for state-maintaining clients like Flash, Silverlight and Ajax-based RIAs. The change of context from an application to a web site for login is a very jarring user experience.

Thinking about this, I've come to the conclusion that we're trying to solve the problem at the wrong level: this is an issue that should be handled at the browser level. And we can solve it using existing technologies like OpenID.

Imagine, for example, if the browser knew of certain OpenID providers and understood an attempt to access an OpenID provider. The browser could intercept that request and, instead of taking the user to the OpenID provider's web site, it could display a browser login dialog box (branded with the OpenID provider's logo and the OpenID logo) and relay that information back to the application.

This way, a browser that doesn't understand OpenID would just stay out of the way and the user would have the standard OpenID authentication experience of being taken to the OpenID provider's web site. A browser that does understand OpenID, however, could provide a far superior user experience by keeping the user on the same site or application and handling the login via a browser login dialog.

I wonder how difficult it would be to create this as a FireFox plugin?