In the light of the ongoing (as far as I can see) debate about what to do about Digest MD5 etc., has anyone considered the SRP (Secure Remote Password) protocol? It is similar to Diffie-Hellman but is man-in-the-middle resistant and provides a true zero-knowledge proof.
It has RFC status (http://tools.ietf.org/html/rfc2945) and is used for SSH and such goodness. The Wikipedia page http://en.wikipedia.org/wiki/Secure_remote_password_protocol provides some information about it, but is more technical and harder to understand than the RFC doc. There was some talk about it as a SASL mechanism, but I don't know what happened to that: maybe someone can push the IETF where it hurts so that the status of the protocol can be determined (I have recently found that tracking down SASL mechanism docs is an art).

Just my 2c.

-- Jonathan
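
The exchange defined in RFC 2945, which the message above points to, as an added example (not part of the original post and not taken from any SRP library). Assumptions: the group N, G is a toy one constructed here, the session key is a plain SHA-1 of S instead of the RFC's SHA_Interleave, the M1/M2 proof messages are left out, and all function names are made up for this example.

```python
import hashlib
import secrets

# Toy group constructed for this example: 2**521 - 1 is prime, but it is not
# one of the safe-prime groups used by real SRP deployments. Do not reuse.
N = 2**521 - 1
G = 3

def H(*parts: bytes) -> bytes:
    return hashlib.sha1(b"".join(parts)).digest()

def to_bytes(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")

def private_x(user: str, password: str, salt: bytes) -> int:
    # RFC 2945: x = SHA(salt | SHA(user | ":" | password))
    inner = H(user.encode(), b":", password.encode())
    return int.from_bytes(H(salt, inner), "big")

def enroll(user: str, password: str):
    # The server stores only (salt, verifier), never the password.
    salt = secrets.token_bytes(10)
    return salt, pow(G, private_x(user, password, salt), N)

def run_exchange(user: str, typed_password: str, salt: bytes, verifier: int):
    # Client -> server: user, A = g^a
    a = secrets.randbelow(N - 2) + 1
    A = pow(G, a, N)
    if A % N == 0:                      # server must reject a zero A
        raise ValueError("illegal client value A")
    # Server -> client: salt, B = v + g^b
    b = secrets.randbelow(N - 2) + 1
    B = (verifier + pow(G, b, N)) % N
    if B == 0:                          # client must reject a zero B
        raise ValueError("illegal server value B")
    u = int.from_bytes(H(to_bytes(B))[:4], "big")   # first 32 bits of SHA(B)
    # Client side: S = (B - g^x)^(a + u*x)
    x = private_x(user, typed_password, salt)
    s_client = pow((B - pow(G, x, N)) % N, a + u * x, N)
    # Server side: S = (A * v^u)^b
    s_server = pow((A * pow(verifier, u, N)) % N, b, N)
    # Simplification: K = SHA(S). In the protocol the two keys are never
    # compared directly; each side proves knowledge of K with M1/M2.
    return H(to_bytes(s_client)), H(to_bytes(s_server))
```

With the enrolled password both sides derive the same key; with any other password the client's key differs, so its proof would fail without the password or the verifier ever crossing the wire.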