RE: RSS...Authentication...and why?

Sunday, August 10, 2003

In EPorter's post , he mentions the issue of RSS authentication, to get to personal information. Why shouldn't we be able to secure content via server tools (although I do think this should be extended into the RSS / XXXX specs)?

What about creating an email client that recreated your email as an rss feed? You could create a "rule" / "filter" on the subject line and/or your bank's email address. Then you'd just need to secure the rss feed on the server side so only you could get it. IP restriction for receiving the feed? Would it be really bad to use some sort of password encoded url (ie. http://logon:pass@mysite.com/BankTransfers.aspx) for the RSS feed?

2 Comments

Part of the reason to incorporate authentication into the spec is to allow the actual content to be modified based on the credentials of the user.

Let's say MSN provided some RSS feeds. They might put advertising into the "free" feeds but remove the advertising for the feeds being retrieved by paying members of the MSN subscription service.

I want to authenticate consumers of my blog's RSS feed so that I can include more personal information into the feed for people I trust and keep my content rather vague for people I don't. And I want to do all this without my consumers even knowing it's being done...!

Kenneth LeFebvre - Monday, August 11, 2003 12:44:00 AM

This site is very good

Teolindo - Saturday, September 20, 2003 5:31:00 PM

Comments have been disabled for this content.