I found this article interesting, at least for the technical details: The Mysteries of X-GOOGLE-TOKEN and why it matters.
On a related note, if you needed a simple single sign on system to deploy in a controlled environment, that could be used with PHP and Perl sites, and with Apache+mod_(perl|php) or lighttpd+fastcgi.... Probably no such beast.
I'll see if OpenID covers what I need. Yes, it's not a SSO system, but maybe it's a good base to build on.