The second one is not a correctly formed authentication results header field. If you look at RFC 7601 [1] paragraph 2.2 you'll see that the authserv-id only appears once. Repeating it before subsequent results is not allowed.
There could definitely be a better error message here.
The second one is not a correctly formed authentication results header field. If you look at RFC 7601 [1] paragraph 2.2 you'll see that the authserv-id only appears once. Repeating it before subsequent results is not allowed.
There could definitely be a better error message here.
[1] https:/ /tools. ietf.org/ html/rfc7601