should hub.secret value be distinct for each subscription?

[Andy Dennie]

I'm implementing a pubsubhubbub subscriber and it's all working pretty well, except that I haven't done the hub.secret work yet.  It looks reasonably straightforward, but one thing is not clear to me -- is it typical, or useful, to specify distinct secret values for each subscription (assuming you're using distinct callback URLs for each subscription)?

-Andy

[Julien Genestoux]

Andy,

Yes the secret may be different for each subscription for greater security. If it is ever compromised for one subscription, then, there is no risk to see forged notification for other subscriptions.

However it is not required and things can work very well with a single secret.

Thanks,