Provide connection pooling for Negotiate connections

Connections for kerberos authenticated backends are not pooled due to this [corefx bug](https://github.com/dotnet/corefx/issues/39621). Need to work out a solution.

It may make sense to refactor toward one downstream httpmessagehandler per user for any apps with kerberos authenticator. This will require some modification integration with the clienthandlerfactory.