I just implemented Windows Live ID SSO (single sign-on) enabled for our use case project - www.usefulcases.com
I would say that the framework itself is easy, though I ran into an issue due to a configuration issue on our part (not Microsoft fault)
The problem I had was that domain was configured to "foward" so the callback, which was made in HTTP Post, got translated to HTTP Get, loosing the "token" from the server during the course.
I could not get the "token" and had to ask Live ID forum for this *strange* behavior. I got a prompt response for troubleshooting... Of course, it was something we did wrong, so we fixed it.
If we didn't have the configuration problem then it would have been about 1 hour of work from nothing to a SSO. That's pretty good.
Here is the basic step (off my memory)
Go to https://msm.live.com/app/registration.aspx?wa=wsignin1.0 and enter data. Pretty easy stuff. One thing: you need to specify the URL of the callback page. If you use C# sample (see below), it is named webauth-handler.aspx, which you can rename to something else. It can be located anywhere but once you set it, you can't change the registration record (you basically need to re-register, which is easy so not huge deal).
Once the registration succeeds, you get an app ID value.
Download the C# sample at from http://www.microsoft.com/downloads/details.aspx?FamilyId=8BA187E5-3630-437D-AFDF-59AB699A483D&displaylang=en
The sample is a small web app.
Copy one .cs file in App_Code to your web site's App_Code. This is the library class. Also copy the entire Sample folder to your website. I put it under ~\FM\LiveID folder. FM stands for Federation Management. I intend to add YahooBBAuth, so created a subfolder called "LiveID".
Open the web.config in the folder you just copied.
You need to modify a couple of lines: one for app ID (you just got that) and a secrete (that you specified at registration)
The default.aspx page comes with a iframe that shows the "login" link as well as a code to check for a cookie that would be created if SSO succeeds.
Login using the "login" link. You get the standard Windows Live ID login screen at Microsoft server.
When SSO succeeds, the default.aspx will show the "token" value. This value is constant and represents this particular user (or Live ID account, to be precise).
Now, I should try Yahoo! BBAuth (in fact, I've already obtained application ID. I will write about it later.)