On Mon, Mar 13, 2017 at 12:51:40PM +, Daniel P. Berrange wrote:
RFC 6331 documents a number of serious security weaknesses in
the SASL DIGEST-MD5 mechanism. As such, libvirtd should not
by using it as a default mechanism. GSSAPI is the only other
viable SASL mechanism that can provide secure
On 03/13/2017 01:51 PM, Daniel P. Berrange wrote:
> RFC 6331 documents a number of serious security weaknesses in
> the SASL DIGEST-MD5 mechanism. As such, libvirtd should not
> by using it as a default mechanism. GSSAPI is the only other
> viable SASL mechanism that can provide secure session
RFC 6331 documents a number of serious security weaknesses in
the SASL DIGEST-MD5 mechanism. As such, libvirtd should not
by using it as a default mechanism. GSSAPI is the only other
viable SASL mechanism that can provide secure session encryption
so enable that by defalt as the replacement.