ive got a fair amount of experience with being an openid user. livejournal provided me my first openid url. then through the local ruby group i saw the ruby implementation of openid by the janrain people. then i made use of client portion of that library in a ruby on rails application for gridcolo.net. openid is a very open standard and works well. its secure if used over https.
single signon or federated identity is a brave new frontier. im convinced it will profoundly change the web.
one thing ive learned, is that once single signon is working, its forgotten just as quickly. what matters next is the information that is accessable from my identity server. single signon leads almost immeadiately to identity management. YADIS looks to be the leading standard.
the next big step is having a place to keep a profile. a living profile that you build and maintain. like an avatar in a video game. you also set detailed rules about who is allowed access to what parts of the profile. this is a great opportunity for a webapp to fill this need, but i believe its better served as a local application. building up your profile could be fun in and of itself. the local application would be its own openid server. your identity url would be a reliable host on the internet, but a relay would be setup whenever you turned your laptop on in a cafe.