So, once the user has made choices about what they want their custom feed to be—and this would just be data stored in the database—you’ve got to let WordPress know who the user is when they poll the feed. As I see if, you have two options:

1. Use HTTP 401 Authentication with their username and password.
2. Generate a random key for the user, stored in the wp_users table and generated for the sole purpose of authentication, which is displayed to the user inside the WordPress admin.

401 Authentication seems like an obvious approach. The URL would end up looking like so:

http://username:password@ijsm.org/feed/

Of course, the problem with 401 in this regard is security. For one, you’re almost certainly sending this data unencrypted in an HTTP GET request. Anyone packet-sniffing on your side or the server’s can have your password. It’s a security hole, but the level of damage that could be done is only limited to the user’s capabilities. [It'd be far worse to have my admin account hacked than it would be for just any random user, since someone with my admin password can wreak all kinds of havoc.]

401 Authentication also doesn’t have universal support amongst aggregators. I’m sure that this won’t be an issue in another year, but it is an issue now for some users, and it would suck to put this functionality out there and have some users not be able to use it.

Key generation isn’t a security issue—the key would only be for this purpose—but it is still extra data that the user has to keep up with. Key generation is how John Gruber used to do his members-only feeds on Daring Fireball, so I’m totally stealing the idea from him on that score.

I think that, from a security standpoint, I prefer the key generation, but in the long run, it’s another piece of data that has to be handled by WordPress, and I hate to generate extra data when it might not be necessary. But in my present state of wakefulness and awareness, it seems like the best answer to me.

I have some other random thoughts about how WordPress could do some other cool things with aggregation of data for user-specific feeds, but … I feel this entire entry losing focus as I type. [It didn't help that I got a phone call in the middle of it, either.]