Are XML-RPC messages encrypted?
You have two things to encrypt, the transactions and the transports. SSL is your transport, the individual xml requests and answers are the transactions (which I presume can be encrypted with some of the new specifications of xml-rpc).
Just use https:// URLs and SSL encryption should protect your XML-RPC messages.
Fog Creek Home