Purely curious, what advantages does this give you in a corporate sort of scenario where your login is probably authing against Active Directory? Does this protocol offer any leverage for developers in a multi-forest setup via API to programmatically choose domain controllers?