System for simple, secure API connections

Securely setting up an API key to integrate an external system demands significant effort, e.g.

• Setup HTTPS (generate keypair, generate csr, get it signed, install to server)
• Create a site key
• Create a CMS user
• Create a role and assign permissions to the role
• Assign an API key
• Send the site key and API key to the external system
• (Note: For some scripts, like bin/cron.php, the process is very similar, but you use a username and password instead of an API key.)

In an ideal world:

• An admin who wants to make a link could simply say "Connect to system X", review the expected permissions, and approve. Similarly, revoking access should be as simple as "Disconnect"ing.
• Permissions would be more fine-grained. In addition to specifying "view all contacts" or "administer CiviCRM", allow filtering based on specific API entities/actions/params.
• Public services aimed for general usage could be certified/audited to ensure that they operate securely (and banned if they abuse their access).
• Communications would be strongly encrypted, even on diverse/funky hosting infrastructure.