What to look for in Enterprise RSS

I have recently been thinking a bit about Enterprise RSS and getting frustrated by key features that seem to be missing, confusing or partially implemented, two examples being:

• Lack of unread status syncing between multiple clients of the Windows Common Feed Store
• Lack of support for basic authentication in the Windows Common Feed Store

I have also been thinking more broadly about security and management issues in general, so I was pleased to come across this post on the Collaborative Thinking blog which provided a useful list of topics to consider concerning enterprise RSS, my additions are in bold:

Security

• Ensure support for SSL and related authentication methods
• Ensure support for basic authentication over SSL as well as NTLM and Kerberos (which are mainly of interest in a Microsoft environment only)
• Some way to authenticate to RSS feeds that are protected by forms based authentication, common when enterprise portals are involved
• Browser add-ins should run “Internet zone” or “restricted sites zone”
• Require Windows XP SP2 Attachment Execution Service support
• Ask about block lists, content filtering, and handling of malformed feeds
• Outline how RSS enclosures are managed
• Require ACL’s per feed at group/user levels integrated via AD and LDAP
• Ability to encrypt the feed store and enclosures,  a lot of enterprise data is going to end up in this store, especially if enclosures are used
• I am also interested to see if some form of DRM could be applied to enclosures, with the digital rights acquired for the download user at the same time as the enclosure is downloaded.  I am concerned that enclosure enabled document libraries will result in very efficient document hoarding and resulting data leakage.  This may be a scenario that’s supported by Outlook and SharePoint 2007 IRM,  but I suspect that the common feed store DOES’ NT acquire the rights for the logged on user as part of the download process, which will make it difficult impossible to view the enclosures offline.

De-duping

• Assess how multiple updates to posts are handled and impact to read/unread marks
• Synchronization
• Check to make sure read/unread marks are managed across clients and devices

Storage

• Primarily a concern when feeds are sent into e-mail systems
• Potentially a compliance concern   

Network Utilization

• Assess download schedule management
• IE7 “salting” the interval (is it good enough)
• Is the RSS 2.0 Time To Live (TTL) tag honored
• Use of / support for Incremental feed updates (RFC 3229 (“Delta Encoding in HTTP”))
• Compression of feeds and enclosures

Management

• Ability to associate automatic feed subscription with LDAP directory group memberships, this really is going to be essential if feeds subscriptions becomes important to process compliance, e.g. a person gets informed when their Quality Management System is updated via a RSS feed.
• Ability to track usage

Personalized Feeds

• Not really an easy feature to implement at this time

Attensa and Newsgator seem to be addressing several of these issues,  but Microsoft and IBM don’t so it will be interesting to see how enterprises get on when they deploy Office System 2007 and Notes Hannover.