I have 2 enhancement proposals.
1) Add an optional expires field to the URI - this indicates 'don't send to this address after this date'. This is to alleviate the problem of needing to keep a private key around forever. In many applications clicking on a URI to send bitcoins will result in only 1 tx immediately, but there may be applications that remember the address - this would indicate an expiry date to those applications.
2) Add a facility to receive money via a URI
i.e. clicking on a webpage to receive money from the website, or receiving money by email or SMS.
Here's how the scheme would work. The sender generates a new keypair, and publishes a transaction sending the amount to that keypair using the 'send to IP address' script form:
scriptPubKey: <pubKey> OP_CHECKSIG
The sender then generates a bitcoin URI - and includes in the URI the hash of the public key, and the private key (both are short).
Now the recipient receives the URI (i.e. the user clicks on it in a webpage/email/SMS) - the recipient's wallet can find the transaction (it has the hash of the public key, so can find the tx), and the recipient can 'claim' the money - by generating another keypair, and doing another 'send to IP address' tx sending the money to themselves.
If the recipient does not claim the money the sender can get it back - perhaps the URI can also include the optional 'expires' field, to indicate the sender will reclaim the money if not claimed within this time period.
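A sketch of the checks a receiving wallet could run on such a URI before trying to claim, added here as an illustration and not part of the original post: refuse an expired URI, and confirm that the private key in the URI really derives the public key whose hash it carries. The query names `pubkeyhash` and `privkey`, a Unix-time `expires` value, and SHA-256 as the "hash of the public key" are all assumptions, since the post does not fix a syntax.

```python
import hashlib
from urllib.parse import parse_qs, urlsplit

# secp256k1 domain parameters (the curve Bitcoin keys live on)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        m = 3 * a[0] * a[0] * pow(2 * a[1], -1, P)
    else:
        m = (b[1] - a[1]) * pow(b[0] - a[0], -1, P)
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def pubkey_from_priv(d):
    """Compressed public key for scalar d (double-and-add, not constant-time)."""
    if not 0 < d < N:
        raise ValueError("private key out of range")
    acc, addend = None, G
    while d:
        if d & 1:
            acc = _add(acc, addend)
        addend = _add(addend, addend)
        d >>= 1
    return bytes([2 + (acc[1] & 1)]) + acc[0].to_bytes(32, "big")

def key_hash(pub):
    # Assumption: SHA-256 stands in for the unspecified "hash of the public key".
    return hashlib.sha256(pub).hexdigest()

def check_claim_uri(uri, now):
    """Return the private scalar if the URI is unexpired and self-consistent."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(uri).query, strict_parsing=True).items()}
    if urlsplit(uri).scheme != "bitcoin" or not {"pubkeyhash", "privkey"} <= q.keys():
        raise ValueError("not a claim URI")
    if "expires" in q and now >= int(q["expires"]):
        raise ValueError("expired: the sender may already have reclaimed the funds")
    d = int(q["privkey"], 16)
    if key_hash(pubkey_from_priv(d)) != q["pubkeyhash"].lower():
        raise ValueError("private key does not match the public key hash")
    return d
```

Because the URI itself carries the private key, anyone who sees it in transit (mail relay, SMS gateway, browser history) can claim the funds first, so these checks protect the recipient only against stale or malformed URIs, not against interception.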