Delegation is the assignment of responsibility or authority to another identity to carry out specific activities. It is one of the core concepts of management, shifting the decision-making authority from one organizational level to a lower one and empowering a subordinate to take responsibility. In Windows networks, delegation allows a service to impersonate a user or computer in order to access resources throughout the network.
by Matan Hart
Full Abstract: https://www.blackhat.com/asia-17/briefings/schedule/index.html#delegate-to-the-top-abusing-kerberos-for-arbitrary-impersonations-and-rce-5169