This spec lets an OpenID Relying Party work from behind a firewall or NAT. The asociated GitHub project implements the relay server as a Java Servlet.
Please, anyone interested comment on the spec in the wiki or the bug tracker. Or, look at the implementation!