It's some what off-topic, but I've been trying to figure out how to do simple, RESTful, yet secure authentication for xmlrpc.
Take, for example, the Blogger API. Sends passwords via plaintext for each API hit. RESTful, but not secure. You can make it more secure with a back-and-forth digest authentication model, but then it's not really RESTful.
Thoughts on that?