I'm wondering if it doesn't make sense to have two different 'hooks', one for basic, one for digest. Most providers would implement basic. Some who can handle digests could implement digest. Then the authn store could be independent of protocol.
Um, have you taken a look at the provider API? -- justin
