This is a topic I am very interested in and have spoken with Ray about on multiple occasions. I think this is required for the product to move up the ladder. I also think this is something that should be used with Ray’s server only because of trust issues. It is the same reason I have him hosting the hosted version of my web app.
I think the remote solution can be built into the firmware and use the already present HTTP GET API. This opens all the options off the bat and is backwards compatible. Here is how I see this system playing out:
1) On the firmware an additional button will exist next to the programs and weather buttons, up top, saying Remote Access.
2) That page, when opened, will show the registration status of the device and based off that show you the relevant information or present a form to register.
3) Registration is done using an email and a password. This becomes your login to the mobile app (the one hosted on Ray’s site) for example. This registration has a unique OpenSprinkler ID associated with it and is stored on the server with the account information. Each account can have multiple devices and when using such account you will be presented with a device selection screen on initial login.
4) The device uses an open socket it initiates to communicate meaning no port forwarding is required. This is the part I know the least about and need the most assistance with. The biggest obstacle here is remembering this will be programmed into a microcontroller. Resources are severely limited and doing security using SSL is pretty tough. Therefore, something such as PGP might be suitable? This is where my research has been focused.