SSO authentication: a new approach

[John Good]

Ray -

IRSA allows uploading of files now, too.  However, in each case those
files are for a specific purpose (e.g. cross-compare against catalog X)
and are not then directly downloadable again.  If you allow general
essentially anonymous upload of files which are then URL-accessible,
you will have created the world's largest porn repository.  You can't
police this by file content unless you know a way to identify a JPEG as
containing astronomical imagery.

I think the answer is not weak certificates but "weak" CAs.  With a
local small-community CA, which also acts as proxy for the user as
a SSO site, the user isn't really having to handle certificates themselves.

- John