There are config setting changes for Tcp channel authentication in .net framework 2.0 Beta2. Here is a sample server configuration, Note that secure="true" gives a setting of TokenImpersonationLevel.Identify and ProtectionLevel.EncryptAndSign:

<configuration>
      <system.runtime.remoting>
            <application name="BVTServer">
                  <service>
   <wellknown mode="SingleCall" type="Factory, server" objectUri="Factory.soap" />
                  </service>
                  <channels>
                        <channel ref="tcp" port="8000" secure="true" impersonate="true" protectionLevel="EncryptAndSign"/>
                  </channels>
            </application>
      </system.runtime.remoting>
</configuration>

Here is the corresponding client side config:

<configuration>
   <system.runtime.remoting>
      <application>
         <client url="tcp://localhost:3300/BVTServer">
            <activated type="SimpleServer, server"/>
         </client>
         <channels>
         <channel ref="tcp" secure="true" tokenImpersonationLevel="Impersonation" protectionLevel="EncryptAndSign"/>
         </channels>
     </application>
   </system.runtime.remoting>
</configuration>

Another change in Beta2 is that the client principal now flows in Thread.CurrentPrincipal.