class scram_gss_api :?client_key_ring:client_key_ring -> ?server_key_verifier:server_key_verifier -> Netmech_scram.profile ->Netgssapi.gss_api
client_key_ring.
      By default, the key ring is empty. On the server side, the object
      authenticates all users whose credentials are available via
      server_key_verifier. By default, no user can be verified.
      SCRAM only allows usernames of type NT_USER_NAME for identifying
      users.
      For principals (servers), this SCRAM implementation allows identifiers
      of type NT_HOSTBASED_SERVICE and NT_USER_NAME. Any such name
      can be used, because the SCRAM protocol does not use principal
      names. The contexts will always return the hostbased service "@" as
      name of the principals.
      This implementation checks whether the messages are verified and
      unwrapped in the same order than generated, and reports this via the
      `Unseq_token and `Gap_token flags. Support for true replay
      detection (`Duplicate_token) is not implemented, though.
      Replayed tokens will also be marked as `Unseq_token.