Encryption is for confidentiality: this is to prevent just anybody to access the data. This needs to be coupled with authentication, which is about identifying people who should be able to access the data, and reliably making sure that they are who they claim to be.
RSS is an optimized way to publish some Web-accessible contents (tailored for data which is frequently updated). You want to manage the diffusion of RSS streams with exactly the same security policy as those which are applied on the publication of the same data as "simple Web". In particular, you will want to do encryption and authentication for the RSS stream for exactly the same reasons that you would want to do encryption and authentication on the source Web site. And you would be well advised to do it with the same proven technology, i.e. HTTPS (aka "HTTP within SSL").
To sum up:if the data is normally hosted on a Web site which does HTTPS and requires a user password, then the same data over an RSS stream should be also protected with HTTPS and password-based authentication.
(Conceptual principle which is in action here: the needs for some security properties such as confidentiality come from the data itself, and do not vary with the way the data is being transferred, be it RSS or something else.)
