Securing Feeds

Greg Reinacker of NewsGator has as smart post about security in XML feeds where he makes a strong argument for reusing prior art:

My advice for now? Don't worry about it. RSS today is transported via HTTP. Sure, you could use other protocols - but almost no one does. This same argument came up some time ago about SOAP web services...a lot of work went into making sure everything was portable enough to deliver SOAP messages through any arbitrary transport. But in real life? Almost no one is doing it.

We don't need more protocols. We don't need yet another encryption standard. We don't need yet another authentication mechanism. Use what works today - it's proven itself already.

It's a compelling argument, and one that offers an interesting perspective alongside announcements such as Reactivity's partnership with SimpleFeed on feed security. Both scenarios are important to keep in mind for a variety of future needs that bloggers will face, including the increasingly popular practice of republishing feeds without permission, especially by link spammers.