GSSAPI for email client without Kerberos

Question

Is that possible to use GSSAPI authentication mechanism without using Kerberos system?

I mean GSSAPI supports SPKM for instance that is very close to Kerberos. Is there possible to use it for example?

The main reason I do not want to use Kerberos - because it need sophisticated pre-requisites to be done, it may be not so easy to be done by user so I need alternative here.

Answer 1

Yes, you can but

1. your GSS-API needs tu support that mechanism
2. your SASL implemention needs to interact with the GSS-API and that mechanism

Are you willing to write a MIT/Heimdal and Cyrus SASL plugin?