by charlieok
5421 days ago
Mainly, I hate the proliferation of passwords, and I hate typing those passwords in all the time. I'd rather consolidate those down into a handful of distinct purpose-specific identities that I have some ownership and control over.

Also, you wrote: "Just having the browser as a middleman doesn't help if your data gets sent to or intercepted by the wrong people". Actually, having the browser more directly involved does help with this, because it can use strong authentication when negotiating a TLS session. By "strong authentication", I mean the authentication protocol has security features which make it useful over an untrusted network in the presence of eavesdroppers or even active adversaries looking to pull off a man-in-the-middle attack. Client certificates are a good example of this and are supported by today's browsers but there are UX problems there.

It's not that the forms-based system doesn't work. I just think it could be a lot better. Just consider how much easier it is today to stay in a "walled garden" social network than to be an active commenter on a large number of independent blogs.