One question that I've heard asked many times about OpenID is what the business model is for an OpenID Provider. Companies that provide OpenID identifiers alongside other services (Yahoo!, for example) can perhaps treat OpenID as a way to get you to sign up for an account through which you can be encouraged to use other services. For standalone OpenID providers it's a trickier question.
One possible model which came up on the OpenID mailing list today is to have a provider which charges money in return for an uptime guarantee. In theory, an OpenID Provider service should be reasonably easy to make high-availability if you use your imagination when designing your infrastructure. This model depends on OpenID taking off for use-cases which are critical to a company's business, but it would presumably allow for quite dependable income.
However, another interesting thing to consider is that your OpenID Provider is in an interesting and enviable position: it is able to see every site that you authenticate to using the identifier they provided. You'd have to be careful not to overstep the privacy mark on this one, but it's not hard to imagine using a profile of the sorts of sites a user visits to target advertising at that user. The harder question is where exactly this advertising would be viewed. Chucking in an advert as part of the authentication approval process would be a brute-force solution, but you'd probably tick your users off pretty quickly with that strategy. Services like Yahoo! and Google are probably in the best position to make use of this, since they offer several other ad-supported services.
Of course, I'm not saying that this is a good way to fund your OP, just a way to fund one. You'll probably face an uphill struggle against privacy advocates if you're too blatent about it. It's worth remembering that this is possible, though; if what I've described here concerns, you, you'll want to pick your OpenID Provider carefully.