This interface defines a pluggable way to obtain a session key given an AP-REQ Kerberos token and a
Subject. The session key is needed on the receiving side when it is used for message signature or
encryption. A default implementation is not shipped with WSS4J due to a dependency on internal APIs
or ASN1 parsers.