Update: Gordon Weakliem reminded me that LiveJournal does support digest auth for feeds - there are details on this page. So just ignore my wild eyed ranting about LiveJournal below :)

Yesterday, I had someone ask me if it would be possible to support the private feeds LiveJournal uses. He set up a feed that had password protection so I could test - that's when I started the slow slide into "standards? what standards?" hell. First up - LiveJournal. Could they use Http Auth or Digest Auth for their private feeds? Nope, that would be entirely too simple. Perusing their forms, it looks like they use their bozo equivalent of Digest Auth, but only if you pass through their form and retrieve a cookie. Retrieving the cookie would "just work" if they used Auth, but nooo - they have to be special.

So off I went, to add support for that. Strike two came around the corner shortly thereafter. I couldn't read their cookies, because they use a non-standard format for them. Great - seems the New York Times does the same thing with their cookies, so maybe there's a common content management system out there with bad ideas. One AR later, and a discussion with the VW developer who works with this stuff and I had a fix.

So now, a full day later, I can actually start looking at actually supporting LiveJournal. It's things like this that make me laugh at the "Atom will solve everything" crowd. A new spec won't change the fact that people make mistakes and refuse to follow standards...