Search notes:

Kerberos

Kerberos is an authentication system that uses shared secrets and assumes an involed third party to be secure.
The kerberos protocol uses strong cryptography so that a client can prove its identity to a server and vice versa across an insecure network.
Kerberos is defined in RFC 4120

Types of accounts (principals)

Kerberos defines two types of accounts (principals):
A SPN can be assigned to users or computers.

Kerberos' three heads

The client. Usually the user.
The server. Usually a programm offering a service (such as a database etc.)
KDC: The key distribution center. This is the trusted 3rd party used to verify the authenticity of both the client and the server.

KDC - the key distribution center

The KDC provides two services:

cmd.exe

Apparently, klist.exe is a command that can be used in cmd.exe.

See also

Windows service: WinRM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos
RFC 4559: SPNEGO-based Kerberos and NTLM HTTP Authentication in Microsoft Windows describes how the Microsoft Internet Explorer (MSIE) and Internet Information Services (IIS) incorporated in Microsoft Windows 2000 use Kerberos for security enhancements of web transactions.
RFC 1510, RFC 1964, RFC 6649
Oracle SQL Developer allows to set the location of the krb5.conf file under Tools -> Preferences -> Database -> Advanced.
ksetup.exe
The property AuthenticationType of the .NET class System.Security.Principal.WindowsIdentity.
wdigest.dll
Windows authentication

Index