views: 184

answers: 4

Due to the nature of OpenID, wouldn't it be a lucrative target for spammers? For starters, you could create an OpenID account on any site and use it on any other site, which would mean that I could log into a forum and write a few thousand posts if the forum assumes that logged-in users can be trusted.

Do you agree OpenID is lucrative for spammers? Does OpenID anticipate an onslaught?

A: 

That could happen, but I haven't heard of it.

At any rate, OpenID is not meant as a protection from spamming, but doesn't prevent it either. A site could always use a captcha in addition to login via OpenID.

sleske
+3  A: 

Yes, that is a problem. No, that doesn't have anything to do with OpenID.

OpenID is designed to be a user-friendly replacement for E-Mail based login. It is only designed to solve the usability problems of E-Mail based logins; it is not designed to solve any of the security problems of E-Mail based logins.

If there are rogue OpenID providers out there, that allow users to create accounts willy-nilly, without checking their identity, then that is a problem. However, the exact same problem also exists today, with E-Mail logins: if E-Mail providers allow you to create E-Mail accounts without proving your identity, then you can use that E-Mail address to log into any forum.

However, this problem has been solved long ago for the E-Mail case: only allow logins with E-Mail addresses from trustworthy providers. And the same can be done for OpenID: only accept OpenIDs issued from trustworthy providers. If someone logs in with http://John.Doe.VeriSign.Com/, you let them in, and if someone tries to log in with http://Any.Nymous.Evil-4aX0rZ.ru/, you reject them.

Jörg W Mittag
"only allow logins with E-Mail addresses from trustworthy providers". That's a great way to introduce a huge barrier to entry. What's a "trustworthy" provider, anyway, if you can't trust the likes of yahoo and google because they let too many spammers register accounts?
Frank Farmer
@Frank: Who said anything about Google and Yahoo being untrustworthy?
musicfreak
@musicfreak, perhaps Frank is referring to the somewhat common practice on (poorly written) web pages where mainstream e-mail providers are blacklisted. I guess they are expecting everyone to use their ISP-provided e-mail? Anyway, OpenID providers are far less pervasive. It seems that people are more likely to go with mainstream OpenID providers from well-known companies like Google or Yahoo or whatever. It's not like e-mail where there's 600,000 different providers.
Matt Olenik
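The provider allowlist that the answer above describes, as an added example that is not from the original thread: the relying party normalizes the OpenID URL identifier (default scheme, lowercased host, default path) and accepts it only if its host is a trusted provider domain or a subdomain of one. The trusted domains are constructed sample values; the match is done label by label rather than with a plain suffix test, so a look-alike host such as evilverisign.com is not accepted. In OpenID 2.0 a claimed identifier can delegate to any provider, so the same host check should also be applied to the OP endpoint found during discovery.

```python
from urllib.parse import urlsplit

# Constructed allowlist of provider domains this relying party trusts (assumed values).
TRUSTED_PROVIDERS = ("verisign.com", "google.com", "yahoo.com")


def normalize_identifier(identifier: str) -> str:
    """Apply the OpenID 2.0 URL-identifier normalization steps that matter for a host check:
    trim whitespace, default to http:// when no scheme is given, lowercase the host,
    default the path to "/" and drop any fragment."""
    identifier = identifier.strip()
    if "://" not in identifier:
        identifier = "http://" + identifier
    parts = urlsplit(identifier)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not an OpenID URL identifier: {identifier!r}")
    netloc = parts.hostname  # already lowercased by urlsplit
    if parts.port:
        netloc += f":{parts.port}"
    path = parts.path or "/"
    query = f"?{parts.query}" if parts.query else ""
    return f"{parts.scheme}://{netloc}{path}{query}"


def provider_host(identifier: str) -> str:
    """Host part of the normalized identifier, e.g. 'john.doe.verisign.com'."""
    return urlsplit(normalize_identifier(identifier)).hostname


def is_trusted(identifier: str, trusted=TRUSTED_PROVIDERS) -> bool:
    """True only if the identifier's host equals a trusted domain or is a subdomain of it.
    Compares DNS labels, not string suffixes, so 'evilverisign.com' does not match 'verisign.com'."""
    try:
        host = provider_host(identifier)
    except ValueError:
        return False  # unparseable or non-http(s) identifiers are rejected outright
    labels = host.split(".")
    for domain in trusted:
        wanted = domain.lower().split(".")
        if len(labels) >= len(wanted) and labels[-len(wanted):] == wanted:
            return True
    return False
```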
A: 

Actually I think OpenID has great potential to defeat spammers. For one thing, the requirement of having separate identities on different sites means that a real user has no opportunity to develop any kind of reputation or credibility.

By using OpenID, third parties can collaborate and aggregate reputation information. For instance, if I've been using an OpenID account for 5 years without a spam complaint, then, for all intents and purposes, I'm a good user and can be trusted.

Newer OpenID logons can then be subjected to more scrutiny, and perhaps more rules, such as not being able to post hyperlinks, or for presence of spammy keywords.

Chui Tey
A: 

I think it does make things easier for, let's say, less technical spammers, who do things manually. If someone wants to spam 30 forums, that is 30 full registrations, which takes time; with OpenID it is one full registration at Yahoo, Google, etc. and then 30 partial (or none at all) registrations at forums that accept OpenID.