You're talking about a protocol feature that allows a client to submit a username/password pair to the server.

I was talking about the underlying SSL mechanism that allows a client to verify the server's identity using certificates (very simplified).

-- TMTOWTDI