1. 如果你的服务是点对点的，ssl就够了.相互 ssl (Mutual_authentication) 广泛用于客户端 authN 和 authZ.

1. If your service is point to point, ssl is enough. Mutual ssl (Mutual_authentication) is widely used for client authN and authZ.

如果您关注系统性能，请查看 SAML.SAML 是一个签名的 XML 文档，其中包含客户端的 authN 和 authZ，这意味着您无需在服务器上为客户端 authN 和 authZ 循环.

If you concert about performance of system, looking at SAML. SAML is a signed XML document that contains authN and authZ for client, that means you do not need to loop up on the server for client authN and authZ.