There's an interesting post over at zDnet suggesting that RSS might be a way to replace the problematic aspects of spam and phishing style email attacks.
First, I think they are correct in noting that email has become increasingly problematic as a communication medium because of what spam has done. The idea that information is reliably transmitted via email has decreased dramatically, and interestingly, not because of its security problems. Given that companies like Ebay can't rely on it to send important information because nobody trusts email that says Ebay on it anymore, what kind of solutions are there?
The idea that RSS could replace email is provocative. Here's what they have to say:
Why not have a separate feed for every customer? This is the same thinking that went into another idea I had -- overnight shippers setting up separate RSS feeds for every package they handle. This way, I can subscribe to packages I'm sending or receiving, and my RSS aggregator (Newsgator, etc.) alerts me to changes in each package's status. To keep a lid on the number of RSS feeds a shipper must run, the RSS feed for each package would expire a few days after the package arrives.
From a security point of view, this makes a tremendous amount of sense. Because the client queries the provider, as opposed to the email system which allows any provider to query the client, it makes it much easier for clients to get good data.
They go one to think about how whole email systems could be replaced by RSS:
Finally, could widespread use of this approach be the backdoor towards flipping all existing e-mail solutions on their ear, turning them from SMTP-based store-and-forward systems to RSS-based alert-poll-and-retrieve systems (alert my mail server of an RSS feed that has something for me, poll that feed, and retrieve the message)?
Yes, this might be a great way to deal with some of the problems of spam, but really, it's probably a better idea to start with the security flaws in email instead trying to use RSS to solve the problem.
Email isn?t going to be replaced by RSS. Perhaps this is naive of me to say, but what works about email is that it allows a "cold call", something that the client to provider query model doesn't work for. You can't get somebody to subscribe to your RSS feed unless they take action. While this solves some the problems around spam, it prevents you from getting information that you're not actively trying to get.
Instead, trying to figure out how to allow for the good "cold calls" to make it through is probably a better way to deal with spam. Sender authentication, secure ids and so on, present much better ways of dealing with the problems of the provider to client model.
That being said, for those people who actually use RSS as their life line, companies like Ebay ought to be providing feeds. Since Ebay already produces feed like content, they might as well make it RSS compliant.
