Secure RSS Syndication By Joe Gregorio I have a problem. It's actually a pretty common problem. I have data that I want to syndicate to myself, but I don't want you to see it. It's private. Now this could be my credit card balance or internal bug reports for the day job. Either way, I want the information in a form suitable for syndication but not available to everyone. A Solution
There is a solution. I could password-protect my feed. But that causes a problem, because my aggregator would then need to know my password. Now my aggregator of choice is Bloglines, and I'm sure they're nice folks, but I really don't want to give them my password. One security breach and my whopping credit card debt is splattered across the Web. Just for the record, for the rest of the discussion I will use Bloglines, but in fact one of my design goals is that this technique should work equally well with all web-based aggregators. One other possible solution comes from Atom. Atom provides support for XML Encryption Syntax & Processing. This isn't really usable, for several reasons: 1. Atom isn't finished. 2. Bloglines doesn't support XML Encryption. 3. I want my encrypted data now! A Different Solution A better solution would not require me to give Bloglines my password, or some other key with which to decrypt my content. But if Bloglines isn't going to decrypt my content, who will? How about my browser? If I can somehow get my browser to decrypt the content of the feed, then I can continue to use Bloglines to poll the feed and present me with new items as they appear, but the decryption is done in my browser. < snip > http://www.xml.com/pub/a/2005/07/13/secure-rss.html You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
