+1 to adding HTML support for Digest Auth. This is a well-needed security measure. And it'd b easy to make it backwards compatible (with an attribute on <form> for example) so that if the browser didn't support the new HTML features it would fall back to a traditional HTTP POST.