I can't speak about existing .NET projects, but I can provide explanation of the basics for a beginner. Although there are some edge-cases and optional functionality, the basic flow is not difficult to understand. OpenID-enabled service providers ("Relying Parties" or RP) effectively off-load the password-checking functionality of authentication to a 3rd party web site ("Identity Provider", or IdP). A (end-user specific) URL to such an IdP is specified by the end-user and (from the point of view of the RP) this URL is the end-user's "Identifier". The RP makes a server-side call to the Identifier URL to get a activity token, and then bounces the browser to the Identifier URL. Now the end-user is interacting with the IdP, and when the IdP is satisfied, it bounces the browser back to the RP with some info tacked onto the query string to indicate success. Voila.
Because the user gets to decide who verifies their identity, they can even choose a service that uses some entirely different authentication mechanism, like calling them up on the phone, or even requiring a thumbprint through a connected device. Alternatively, if they don't trust anyone else in the world, they can program their own IdP and have total control over their identity.
Many times (not here on SO) an RP will actually make the Identifier public throughout the service, e.g. as the end-user's username. Therefore, it's fashionable to use a vanity URL or a blog URL, or something more meaningful than http://superopenidprovider.com/adjad9va8ivasdlkjnq8t7 . So there exists the concept of IdP delegation, through which an end-user that includes on their homepage/blog appropriate LINK tags to http://superopenidprovider.com/adjad9va8ivasdlkjnq8t7, can use their homepage/blog URL as their Identifier. RPs must be aware of this functionality and take appropriate action.
High-level concepts
Roughly from Wikipedia. These are more conceptual than Andrew's answer.
- End-user The person who wants to assert his or her identity to a service provider.
- Identity The service provider-specific information related to a single end-user. I.e. all the stuff an end-user identifies with and wants to protect.
- Identifier The end-user specific URL supplied by the end-user, with which OpenID authentication can be initiated.
- Relying party (RP) A service provider that uses OpenID to determine the veracity of an end-user's identity claim.
- Identity provider (IdP) website that can respond to OpenID authentication requests from Relying Parties, usually involving password-based challenge/response with the end-user via web forms and cookies. IdPs typically support multiple users, and thus allow end-users to register and manage Identifiers through the site. However, an individual can host their own IdP which only authenticates themselves.