3.1.3 Initialization

The client creates an RPC binding handle, as specified in [C706], to the server RPC endpoint when an RPC method is called. The client can create a separate binding handle for each method invocation, or it can reuse a binding handle for multiple invocations. The client SHOULD create an authenticated RPC binding handle for the best possible security. (Note that this requires establishing the binding to the well-known endpoint that supports authentication; for more information on authentication, see section 2.1). If a binding to the authenticated RPC endpoint is unavailable (as specified in [MS-RPCE] section 3.3.2), the client SHOULD create a binding handle to the unauthenticated RPC endpoint (for more information on backward compatibility, see 2.1).<15>

If an authenticated binding handle is established, the client SHOULD attempt to establish the strongest possible authentication. If this attempt fails but the binding remains valid (that is, the remote RPC implementation server is listening on the authenticated endpoint but does not support the appropriate authentication mechanism), the client can choose to either ignore the error for compatibility or terminate its attempt to invoke the RPC method.<16>