This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.

This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.

You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

as stable API

This interface exists to expose security information about Channels. The two properties are sometimes immutable and can be used to make decisions on how cautious to be about transferring sensitive data. The special case of ServerAuthentication channels is one example of where the two properties are immutable.

For example, clients MAY use these properties to decide whether the PLAIN mechanism is acceptable for a SASLAuthentication channel.

True if this channel occurs over an encrypted connection. This does not imply that steps have been taken to avoid man-in-the-middle attacks.

For future support for RFC 5056 Channel Binding it is desirable to be able to use some SASL mechanisms over an encrypted connection to an unverified peer, which can prove that it is the desired destination during the SASL negotiation.

True if this channel occurs over a connection that is protected against tampering, and has been verified to be with the desired destination: for instance, one where TLS was previously negotiated, and the TLS certificate has been verified against a configured certificate authority or accepted by the user.