I do think that not requiring users to need another username & password is sufficient justification for the technology, although others may not.

I also think that (done well) OpenID means the user doesn’t have to type anything else in, as it gives you the option of sending your profile to the requesting site. In many cases your profile has the information needed, although some sites will want other specific items.

I’m not sure that OpenID makes it much easier for sites to implement preferences, apart from not having to create usernames & passwords you still have to implment the preferences.

It is also an excellent way to create user accounts (really!) for simple website preferences. (As you will not have to manage the accounts.)

Simon: I’d prefer if CAPTCHA was dropped, although at least with OpenID you’d only have to enter it once.

codemac: You could be onto something there, you might not even need to build it into the blog: Akismet could report any spam from someone using OpenID to the provider.
You might have to only accept people from the main provider(s) though, otherwise spammers could just use their own servers.

I’m not sure that a PGP/GPG structure would restrict it to people you know?

Ideally, I’d want to have a public/private key setup, with my public key published on my web site (in a link-rel), or through a provider.
When I enter a comment or login, you provide the URL. Somehow, (no idea how!) your browser would confirm that you are the owner of the key, getting you to type in your password once per session.

I’m not sure that would increase the trust level at all, but it just seems more ‘mine’ than something like OpenID.

The clear answer is akismet + reporting to places like myopenid.com. You can easily ban their openid providers if they are completely spam, and I’m sure myopenid and others would keep a banlist.