I used to share your skepticism about single sign-on. I'm actually quite bullish about BrowserID because it uses concepts that both users and websites are very familiar with (email, 'validated email addresses'), and works it in a flow that feels very much like facebook connect. It's really neat rather than overengineered IMO (and I can say that because I didn't do any of the engineering ;-).
Similarly, the apps project is a lot about recognizing what mobile apps did well, and filling in the gaps in the web (stores, receipts, APIs) that will make it possible for people to translate their mobile appdev skills into the broader web.
Similarly, the apps project is a lot about recognizing what mobile apps did well, and filling in the gaps in the web (stores, receipts, APIs) that will make it possible for people to translate their mobile appdev skills into the broader web.