Details
-
Improvement
-
Resolution: Fixed
-
Blocker
-
5.5.0
Description
Full & Half modes were provided in 5.0 but it utilizes certificates.
In most of the deployments of target clusters, all network ports are closed but XDCR and it is impossible to retrieve certificates on the wire.
Goal of this improvement is to not use certificates but SASL to hide password on the wire.
Note: Certificates management is not acceptable.
Example: SCRAM-SHA would solve the problem.
Attachments
Issue Links
Gerrit Reviews
For Gerrit Dashboard: MB-25401 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
88158,19 | MB-25401 scram-sha support | master | goxdcr | Status: ABANDONED | 0 | 0 |
89685,17 | MB-25401 scram-sha support | master | goxdcr | Status: MERGED | +2 | +1 |
90188,7 | MB-25401 client code for SCRAM-SHA via Http | master | goutils | Status: MERGED | +2 | +1 |
90681,4 | MB-25401 bring github.com/pkg/errors to godeps | master | manifest | Status: MERGED | +2 | +1 |