Messages - 3.1.2 additional display parameter options (Normative)

Currently OpenID Connect defines one value 'none' which means that the request MUST be handled without showing any UI to the user. Facebook defines (page, iframe, popup, touch, wap) some of which are also in the OpenID UI Extension. I'm not sure we want to support iframe so I didn't include it in the list below.

page -- The Authorization Server SHOULD display authentication and consent UI consistent with a full browser page view. If the display parameter is not specified this is the default display mode.

popup -- The Authorization Server SHOULD display authentication and consent UI consistent with a popup browser window. The popup browser window SHOULD conform to N x N pixels.

touch -- The Authorization Server SHOULD display authentication and consent UI consistent with a device that leverages a touch interface. The Authorization Server MAY attempt to detect the device touch and further customize the interface.

wap -- The Authorization Server SHOULD display authentication and consent UI consistent with a "feature phone" type display.

Marius suggested we also add 'embedded'...

embedded -- The Authorization Server SHOULD display authentication and consent UI consistent with the limitations of an embedded browser.

Note that the semantics of 'none' are slightly different as the values described here are more hints from the client where as 'none' is a "command". Would it make sense to move the 'none' feature of display to the 'prompt' parameter? It seems to me that the semantics fit better. The main point of 'none' is that we don't want to ask the user any questions. The fact that no UI is displayed is a side effect of not asking the user for any input.