Description of the update that implements Extended Protection for Authentication in the HTTP Protocol Stack (http.sys)
This article describes a non-security update which implements Extended Protection for Authentication in the HTTP Protocol Stack (http.sys).
When Extended Protection for Authentication is enabled, authentication requests are bound to both the Service Principal Names (SPN) of the server, the client tries to connect to and to the outer Transport Layer Security (TLS) channel over which the Integrated Windows Authentication authentication occurs.
To use the features that this update includes, you must have the update 968389 installed on the computer. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
968389 Extended Protection for Authentication
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB970430.