All data between the client and the server is encrypted.
Is the above statement true when you are using DISEST? The answer says it's false. But, according to the
servlet spec
Like HTTP Basic Authentication, HTTP Digest Authentication authenticates a user
based on a username and a password. However the authentication is performed by
transmitting the password in an encrypted form which is much more secure than the
simple base64 encoding used by Basic Authentication,