From Apache:

The Digest authentication implementation in previous Internet Explorer for Windows versions (5 and 6) had issues, namely that GET requests with a query string were not RFC compliant. There are a few ways to work around this issue.

The first way is to use POST requests instead of GET requests to pass data to your program. This method is the simplest approach if your application can work with this limitation.

Since version 2.0.51 Apache also provides a workaround in the AuthDigestEnableQueryStringHack environment variable. If AuthDigestEnableQueryStringHack is set for the request, Apache will take steps to work around the MSIE bug and remove the query string from the digest comparison. Using this method would look similar to the following.

This workaround is not necessary for MSIE 7, though enabling it does not cause any compatibility issues or significant overhead.

See the <a href="http://httpd.apache.org/docs/2.0/mod/mod_setenvif.html#browsermatch">BrowserMatch</a> directive for more details on conditionally setting environment variables