You can clone with
HTTPS or Subversion.
Feature request: being able to authenticate with facebook and twitter auth (or Oauth in general), in addition to form-based auth and digest, etc.
Sure why not, that's a good idea.
I missed this because it was flagged for v0.5 but the autologin and proxy plugins now work with out of scope domains so they support SSO.