A portion of our very security conscious customers want to be able to configure their TFS server to require client certificates. Client certificates allow an additional level of security on top of user name and password that ensures that the computer terminal being used has security clearance – through a cryptographic certificate. The first requests we got for this feature were from the U.S. government but since then we’ve had other requests as well.
Unfortunately configuring it properly is a bit tricky. As such, we’ve recent produced a document on how to do it: http://msdn.microsoft.com/en-us/library/dd407788.aspx
If you want to enable client certificate with TFS, this document is a must read.