If a Cred object is destructed, GSS_Release_cred
(RFC 2743, section 2.1.2) is called. The RFC doesn't preclude
that that function might do blocking network I/O, which due to
pike's object management might occur essentially anytime in any
thread if the object isn't explicitly destructed. To avoid that,
it's recommended to call release in credential objects that
are no longer used.