Bah. I had a response all typed out and then FF crashed on me.
Anyways, yes, the digest mode is the default. I was just wondering if the digest setup is specific to Axis2/Rampart. From what I read
here, it says that the digest is created by the following.
Doesn't the SHA part require both sides to have the key? Since it's sending over the nonce and created, it seems like the digest wouldn't be very secure.