It seems to me that a lot of the arguments against OpenID are either made out of ignorance or by people with an axe to grind.

For example, the document you link to complains that identifying yourself with a URI is ‘dehumanising and more than a little frightening’. Is that a legitimate complaint, or something written by somebody desperate to find things to complain about?

The two major things that get brought up are phishing and compromised accounts and these arguments have been rehashed so many times, it’s hard to take somebody seriously if they bring them up yet again with no new points to make.

Phishing protection depends on the provider. Some providers offer much better security than typical websites ever would. Some providers just offer the typical username and password. Either way, if an account is compromised, that’s something between the user and their provider, it’s not your concern. You don’t worry that the end-user has a keylogger installed on their computer, do you? That’s because their local security isn’t your responsibility, even though it might be used to gain access to their account. Likewise with OpenID – its security is not your responsibility.

If you compromise an OpenID, it gives you access to more than a single website. Sure, but the same is true for email. Just say you’ve forgotten your password, and you get sent a new one. You now have access to every account they’ve registered with that email address.

OpenID is no worse than the status quo, and it’s significantly better in many circumstances, especially for informed users. If you are still wary of it, then just make it optional, so only the informed users use it.