I'm just implementing FEP-ef61. Since we've already got nomadic identity, most of the architectural issues were fleshed out years ago and it's just a matter of making that work over ActivityPub. There's nothing to follow really. It's all just making DIDs work with the elephant in the room.
There's an opportunity for some overlap with SSO once we've reached critical mass around DIDs, but SSO is a different domain entirely. We're currently using OpenWebAuth (http-signatures+webfinger) for that; and there's no shortage of people who want to build something on OAuth or SAML. You can use a DID as an identity claim in any of these. Tying this identity claim and proof to your current browser session has always been the biggest obstacle (for any possible value of $browser). What data you use as an identity claim is a relatively trivial part of the problem.
I am also looking forward to creating a new generation of my Fediverse Identity Manager based on DIDs rather than rel-me relationships. That's not really SSO but more identity aggregation.
So this is really a 3-headed beast.