here: http://www.mssqltips.com/tip.asp?tip=1714

you can find following informations:

AUTHENTICATE SERVER - Grants or denies the ability to use a particular signature across all databases on the server when impersonation is used..

CONNECT SQL - Grants or denies the ability to connect to the SQL Server. All logins, when newly created, are granted this permission automatically