A Comparison of OpenID Providers

There is this very interesting comparison of different OpenID providers. What was really interesting is how few (according to the author) do not support HTTPS for all aspects of the authentication. Not using HTTPS for the entire site can lead to a session hijacking vulnerability. If a malicious user can hijack the authentication session at the IdP, then he can impersonate the user at all relying parties the user has registered that OpenID identity with.
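
As an added illustration (not part of the original post or of the comparison it cites), the sketch below audits a recorded login flow for the two gaps that leave an IdP session exposed in cleartext: a page served over plain HTTP and a session cookie set without the `Secure` attribute. The host `idp.example`, the cookie names and the recorded flow are constructed.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed sample: (URL, Set-Cookie header values) seen while logging in
# to a hypothetical OpenID provider. Not taken from any real provider.
FLOW = [
    ("https://idp.example/login", ["sid=abc123; Path=/; HttpOnly"]),
    ("http://idp.example/account", []),
    ("https://idp.example/server", ["trust=xyz; Path=/; Secure; HttpOnly"]),
]


def audit_flow(flow):
    """Return (url, finding) pairs for each point where the session can travel in cleartext."""
    findings = []
    for url, set_cookie_headers in flow:
        # Any step of the authenticated flow over plain HTTP exposes whatever
        # cookies the browser attaches to that request.
        if urlsplit(url).scheme != "https":
            findings.append((url, "page served without HTTPS"))
        for header in set_cookie_headers:
            jar = SimpleCookie()
            jar.load(header)
            for name, morsel in jar.items():
                # Without Secure, the browser also sends the cookie on http://
                # requests to the same host, even if it was set over HTTPS.
                if not morsel["secure"]:
                    findings.append((url, f"cookie '{name}' lacks Secure"))
    return findings


if __name__ == "__main__":
    for url, finding in audit_flow(FLOW):
        print(f"{url}: {finding}")
```
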

On a related note, there was this announcement about ClaimID.com now supporting HTTPS. I would have assumed that it already did.

(Mirrored from TalkBMC)

