Excessive authentication complication?
Why the excessive complication of the session ID,
with login/logout functions? XML RPC is already on
top of HTTP, and HTTP authentication could do the
job quite nicely (and is already supported by most
XML RPC client implementations). This would turn a
simple release into 1 easily command-line
scriptable call, instead of 3.
Also, seconding (thirding?) the requests for an SSL
interface to this (and possibly to the main page