I think this spec will be a mistake. TBH, I am confident once the flaws are pointed out, the spec will be withdrawn. OpenID is just centralised identity. We might be better of exploring DID specs around decentralised identity - https://www.w3.org/TR/did-core/ Harder to build, but lets not talk to OpenID providers!