Well, you can still use nip05 to verify an original person. That would require people to pay attention to the whole nip05 name but still serves a purpose. I think we still need to find a better way to deal with impersonation but I don't know what that is.
Usernames don't do anything today. It's easy to remove.
I think nip05 still has some use but not through the random nip05 services out there that don't mean much.
A `jack@cash.app` for instance is a good one. The company we all know Jack works for is verifying nostr:npub1sg6plzptd64u62a878hep2kev88swjh3tw00gjsfl8f237lmu63q0uf63m as their staff.
Discussion
Agreed. Web of Trust is what people usually refer to when talking about these things. It's not a binary offer (trust/not trust) and thus harder on users, but it might be the only practical solution