May 16 2006 security blanket Back when del.icio.us launched APIs to let users work directly with their data, standard HTTP Auth seemed like a good idea. It’s quick and easy to work with, and since all the data was publicly available on the site itself it provided a level of security that was sufficient for the situation. Now that we have private data in the system, we want to take steps to make