The vast majority of our users currently access the portal Via Kerberos. We are fine with that, but we have a small number of users that we would like to authenticate with certificates only. Is it possible to use both methods for authentication? I cannot federate or trust in any way with the environment those users work in, but I could issue them certificates from our internal CA. I don't want to reinvent the portal, but right now they have to enter their password when they connect to the portal, and again when they connect to My Site. I really don't want them entering passwords at all since I don't want them to compromise their password to our system. If I issue them a certificate, passwords go away and my problem with multiple prompts in SharePoint goes away too...
Is it possible?