Kerberos in SSL Protocol

Client / Server Messages                    Actions

CLIENT HELLO ------------------------>      Include KRB5-* in Cipher Suite
<------------------------ SERVER HELLO

<------------------------- SERVER CERT      Is Server Cert really optional for https?
<--------------------- SERVER KEY EXCH
<----------------- REQUEST CLIENT CERT
<------------------- SERVER HELLO DONE

CLIENT CERT ------------------------->      Client:
CLIENT KEY EXCH --------------------->        Get User Credentials from Kerberos Ticket Cache
CLIENT CERT VERIFY ------------------>        Ask KDC for kssl Service Ticket for User
                                              Send Kerberos AP_REQ Message in Client Key Exchange
                                            Server:
                                              Get kssl Service Key from /etc/krb5.keytab.kssl
                                              Decrypt AP_REQ Message to get Kerberos Session Key
                                            Both:
                                              Generate Master Secret using Kerberos Session Key

CHANGE CIPHER SPEC ------------------>      Start passing application data
FINISHED ---------------------------->
<------------------ CHANGE CIPHER SPEC
<---------------------------- FINISHED
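The Client Key Exchange steps in the diagram (service ticket from the KDC, AP_REQ sent to the server, server decrypting it with the kssl key from its keytab, both sides deriving the master secret) are modeled end to end in the added Python example below. It is not code from the page or from any SSL/Kerberos implementation: the KDC, the principals, the keytab contents and the keys are all constructed, the "encryption" is an HMAC-SHA256 counter keystream standing in for a Kerberos enctype, and the pre_master_secret that the client seals under the Kerberos session key follows RFC 2712 rather than anything the diagram states. What it shows beyond the diagram is the check a server must make: if the keytab key does not decrypt the ticket (stale key, forged AP_REQ), the authenticator fails to verify and the handshake is rejected before any master secret exists.

```python
"""Toy model of the KRB5 ClientKeyExchange shown in the diagram above.

Everything here is constructed for the example: the KDC database, the kssl
keytab, the principals and the stream cipher (an HMAC-SHA256 counter keystream
standing in for a Kerberos enctype; it is not Kerberos cryptography).
"""
import hashlib
import hmac
import os
import struct

REALM = "EXAMPLE.COM"                                  # constructed realm
CLIENT_PRINCIPAL = "alice@" + REALM                    # constructed user principal
KSSL_PRINCIPAL = "kssl/www.example.com@" + REALM       # constructed kssl service principal

# Constructed long-term keys.  KEYTAB plays the role of /etc/krb5.keytab.kssl on
# the server; the KDC holds every principal's key.
KEYTAB = {KSSL_PRINCIPAL: b"constructed-kssl-service-key"}
KDC_DB = {CLIENT_PRINCIPAL: b"constructed-alice-key", **KEYTAB}


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream bound to (key, nonce)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + struct.pack(">I", i // 32), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Toy cipher: fresh 8-byte nonce || keystream-XORed data."""
    nonce = os.urandom(8)
    return nonce + _keystream_xor(key, nonce, data)


def toy_decrypt(key: bytes, blob: bytes) -> bytes:
    return _keystream_xor(key, blob[:8], blob[8:])


def kdc_issue_service_ticket(client_principal: str, service_principal: str):
    """'Ask KDC for kssl Service Ticket for User'.  The ticket (client name +
    fresh session key) is sealed under the service's long-term key; the client
    gets the same session key (in real Kerberos, sealed under its TGT key)."""
    session_key = os.urandom(32)
    name = client_principal.encode()
    body = struct.pack(">H", len(name)) + name + session_key
    return toy_encrypt(KDC_DB[service_principal], body), session_key


def client_build_ap_req(ticket: bytes, session_key: bytes, client_principal: str) -> dict:
    """'Send Kerberos AP_REQ Message in Client Key Exchange'.  The authenticator
    proves knowledge of the session key (real Kerberos also carries a timestamp
    that the server checks against a replay cache)."""
    return {"ticket": ticket, "authenticator": toy_encrypt(session_key, client_principal.encode())}


def server_process_ap_req(ap_req: dict, keytab: dict):
    """'Get kssl Service Key from keytab' and 'Decrypt AP_REQ Message'."""
    plaintext = toy_decrypt(keytab[KSSL_PRINCIPAL], ap_req["ticket"])
    (name_len,) = struct.unpack(">H", plaintext[:2])
    name, session_key = plaintext[2:2 + name_len], plaintext[2 + name_len:]
    if toy_decrypt(session_key, ap_req["authenticator"]) != name:
        raise ValueError("AP_REQ authenticator does not verify (wrong keytab key or forged ticket)")
    return name.decode(), session_key


def tls_prf_sha256(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246 section 5) instantiated with SHA-256."""
    seed = label + seed
    out, a = b"", seed                       # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def run_handshake(keytab: dict = KEYTAB) -> dict:
    """Run the KRB5 key exchange and return both sides' master secrets."""
    client_random, server_random = os.urandom(32), os.urandom(32)   # from the Hello messages
    ticket, session_key = kdc_issue_service_ticket(CLIENT_PRINCIPAL, KSSL_PRINCIPAL)
    ap_req = client_build_ap_req(ticket, session_key, CLIENT_PRINCIPAL)
    pre_master = os.urandom(48)              # RFC 2712: sealed under the Kerberos session key
    client_key_exchange = {"ap_req": ap_req, "enc_pre_master": toy_encrypt(session_key, pre_master)}

    # Server: recover the session key via the keytab, then the pre-master secret.
    user, server_session_key = server_process_ap_req(client_key_exchange["ap_req"], keytab)
    server_pre_master = toy_decrypt(server_session_key, client_key_exchange["enc_pre_master"])

    # Both: master secret from the pre-master secret and the two Hello randoms.
    seed = client_random + server_random
    return {
        "user": user,
        "client_master_secret": tls_prf_sha256(pre_master, b"master secret", seed, 48),
        "server_master_secret": tls_prf_sha256(server_pre_master, b"master secret", seed, 48),
    }


if __name__ == "__main__":
    r = run_handshake()
    print(r["user"], r["client_master_secret"] == r["server_master_secret"])
```

Calling `run_handshake()` with a keytab holding a different key (what a server sees after a service key rotation it missed, or when presented with a ticket it cannot open) raises `ValueError` from the authenticator check, which is the point at which a real server should abort the handshake with a fatal alert.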