Description | The client indicates whether it wants the server to sign the response by sending the Accept-Signature header. However, the header itself must be signed, because otherwise the server has to ignore it. The specification says: "Servers MUST ignore all request headers which hadn't been signed by the client." |
|---|