I’m still a fan of OpenID, even though it lacks solid solutions to some of its problems.

Much has been said about risk of phishing and possible solutions, but I’ve been more ignorant than some to a transient nature of OpenID identities. Simply put, even if you run your own server, you don’t own your domain. You just rent it. Thus you don’t really own your OpenID URL either, which makes it a rather risky tool where some sort of permanent identity is needed.

There are plenty of cases where there’s no such need and OpenID is in my opinion a better solution to them than existing ones. But it isn’t good enough where something less fleeting is required. Maybe XRI/XDI is a better answer?

I don’t know. I’m still a fan of OpenID. It’s just a bit less useful than I first thought.