Yeah, I'd use libcurl or something to fetch the highscores list. Point it at a URL, dump the contents from libcurl into an ASCII buffer, clean it up a bit and you're golden.
Accepting the online high scores is pretty easy too; you could make a POST request using libcurl or just go to a special URL (e.g.
http://yourgame.org/highscore_post.php?name=Ravuya+is+Awesome&score=1337).
My problem is how to make it secure. You've essentially got two problems: The user screwing with their score "on the wire" (by modifying the packet/request) or screwing with the game to make their score artificially high (by disabling damage).
SSL would probably clean up a lot of the first problem, especially if you sent hashes along with it.
I suppose you can get around the second attack by checksumming the game against an internal knowledge, but then we're getting into copy protection land.