Personal cert htaccess is confusing

[ezyang]

People seem to frequently get confused about how to configure their htaccess to accept personal certs (see RT1522488, RT1122724), omitting a line or attempting to go at it without consulting the FAQ, and having things break. We should investigate how to make this situation better.

[jdreed]

On the web.mit.edu side of things, we (OLC) briefly considered the following options:

• a script that sanity-checked a directory for common failure modes (e.g. non-Unix linebreaks in .htaccess.mit, incorrect AFS permissions, whether or not it was accessible by an unprivileged user, etc)
• a script for managing permissions (discouraging people from editing the files directly)

Neither of these actually got implemented, primarily due to apathy, and not any inherent problem with the method.