Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.427 (Entity 5.427)
Subject: gss_init_sec_context misbehaves on mismatched credentials
X-RT-Original-Encoding: iso-8859-1
Content-Length: 289

If you acquire a claimant credential with one mech type (say, krb5) and 
then gss_init_sec_context with another mech type (say, SPNEGO), RFC 2743 
implies that you should get back GSS_S_BAD_MECH.

What actually happens is that we proceed with default credentials for the 
named mechanism.