Based on following discussion with dlloyd@redhat.com:

> - key-pair - what is the reason for this credential element? How it can be used?

This is for key-based authentication mechanisms, like SSH. We're also
developing a key-based SASL mechanism [1] that will hopefully make some
progress in the next quarter (and is open to contribution from all).

> - public-key-pem - I do not understand reason of this credentials on client side. I would be able to understand private-key-pem. Is this element correct or should be removed?

A public key could be used for the purposes of server verification. We
don't yet have a way to establish a means to authenticate servers
though, other than using a trust store; this is something that will
probably be developed in conjunction with [1].

[1] https://github.com/dmlloyd/pk-rfc

we suggest to remove key-pair and public-key-pem from configuration.authentication-client.authentication-configurations.configuration.credentials in Elytron client configuration file. We can introduce those credentials once it will be implemented. Provided credentials for mechanisms which are currently not supported in Elytron can be confusing and can result in incorrect client configuration.