Rails + PHP REST web service security

Hey guys,

I want to ensure secure communication between our rails application
and a REST web service on an external server running php.

What are some of the ways of accomplishing this? Do we need to use ssl
to encrypt the information traveling between the two to prevent packet

Do we also need to encrypt the xml data itself?

If anyone knows of any links, articles, or resources they would be