Yesterday, Apple sent an email to podcast publishers, encouraging us to use secure podcast feeds with SSL certificates:

In the future, a secure feed will be required in order to access Podcast Analytics and submit podcasts in Podcasts Connect. Most major hosting services offer secure RSS feeds, and can help you migrate your feed if the one you’re currently using does not have an SSL certificate.

This is part of a much larger trend towards encrypting the entire web. If you don’t know why encryption matters, Mozilla has a great explainer.

Apple has supported secure feeds since early 2016, but their most recent note suggests they plan to drop support for non-secure feeds, though it’s not clear when that will happen. It’s also unclear what might happen to podcasts that don’t update to secure feeds.

How many shows need to update their feeds?

In September 2016, I noted that:

Only 11 of the top 200 shows (5.5%) use HTTPS for their podcast XML. The remaining 189 feeds use plain old HTTP.

More recently, James Cridland of podnews found that:

Of the current Apple Podcast top 10 trending podcasts in the US, only 40% have secure RSS feeds.

This morning, I took a list of ~250,000 podcast series from Apple Podcasts, and analyzed how many of them use secure RSS feeds: