Full & Half modes were provided in 5.0 but it utilizes certificates.
In most of the deployments of target clusters, all network ports are closed but XDCR and it is impossible to retrieve certificates on the wire.
Goal of this improvement is to not use certificates but SASL to hide password on the wire.
Note: Certificates management is not acceptable.
Example: SCRAM-SHA would solve the problem.
|support SCRAM-SHA for HTTP on ns_server