FirstBits looks nice at glance, but is bound to create a gold-rush to grab every nice-looking FirstBits address. HTTPS is only as secure as the (centralized) CAs, thus not really any better than TXT records. I don't think an address of some form is avoidable.