the single-signon options for mere-Drupal-mortals seem to be pretty thin, which is rather suprizing considering the flagship Drupal Gardens uses OpenID
I am looking at setting-up a network of sites within Aegir hosting and I've been spending a lot of time spinning my wheels with Bakery and OpenID type "solutions" - I've been annoying people and arguing and basically struggling through up the learning curve
the out-dated but sophisticated OSSO (OpenID Simple (Not Single) Sign On) solution on github from Development Seed has been reworked and there are now two modules in sandbox and two install profiles thanks to http://drupal.org/user/359937 xamanu who is working on an installation profile called OmniAuth OpenID Single Signon
the Central American Drupal meetup just happened and there is a presentation in Spanish about this
http://drupal-centroamerica.org/en/sesion/proveedor-de-openid-con-drupal
http://drupal-centroamerica.org/sites/default/files/proveedor-openid.odp
I've asked for paid support, but also looking to work with others on a peer-to-peer basis, looking for helpers here to work through this with me
I've personally reach a blocker with my project based on site-networks because of single-signon or even simple signon
the sandboxed modules
http://drupal.org/sandbox/xamanu/1153576
http://drupal.org/sandbox/xamanu/1153574
drush make http://gitorious.org/openid_sso/makefiles/blobs/raw/master/osso_provider...
drush make http://gitorious.org/openid_sso/makefiles/blobs/raw/master/osso_relying_ax.make
custom hacks of user tables just dont seem right (especially after all the hype around Drupal's core inclusion of OpenID)