From 8bd877d179906228c787900ec3aca7de1905418d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 12 Aug 2011 23:51:41 +0200
Subject: docs: --delegation

---
 docs/curl.1 | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'docs/curl.1')

diff --git a/docs/curl.1 b/docs/curl.1
index 362bea1b6..92835c208 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -320,6 +320,18 @@ URL-encode that data and pass it on in the POST. The name part gets an equal
 sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
 name is expected to be URL-encoded already.
 .RE
+.IP "--delegation LEVEL"
+Set \fILEVEL\fP to tell the server what it is allowed to delegate when it
+comes to user credentials. Used with GSS/kerberos.
+.RS
+.IP "none"
+Don't allow any delegation.
+.IP "policy"
+Delegates if and only if the OK-AS-DELEGATE flag is set in the Kerberos
+service ticket, which is a matter of realm policy.
+.IP "always"
+Unconditionally allow the server to delegate.
+.RE
 .IP "--digest"
 (HTTP) Enables HTTP Digest authentication. This is a authentication that
 prevents the password from being sent over the wire in clear text. Use this in
-- 
cgit v1.2.3