> For instance in this
> example server is accepting both Kerberos authentication and "basic";
> if the server requires the relatively high authenticity that Kerberos
> provides, why is it that it should settle for less?
Presumably this is for the case where only "basic" is required, but the
server is willing to accept additional *higher-security* protocols as