@aaronpk not sure if you meant "web view" as in embedded web view inside a native app - but if so that is not technically more secure. Launching a system browser prevents the calling app from keylogging in that web page.
I know you know me from a different context, but this is literally what I spend most of my time talking about 🙃 I have like a book and video course all about it 😉
For sure; it just requires specific functionality on the provider's side. With webfinger, we always imagined that you could enable "portability" by setting a redirect or a pointer, again provider-dependent.
in a way, email already is portable. My email address is on my domain, parecki.com, but it’s actually a Gmail account under the hood. If i want to move that to another provider, I can, and I don’t need to tell anyone a new email address. This is of course thanks to DNS 🙃