7.2.5. Signature Labels

HTTP message signature values are identified in the Signature and Signature-Input field values by unique labels. These labels are chosen only when attaching the signature values to the message and are not accounted for during the signing process. An intermediary is allowed to relabel an existing signature when processing the message.

Therefore, applications should not rely on specific labels being present, and applications should not put semantic meaning on the labels themselves. Instead, additional signature parameters can be used to convey whatever additional meaning is required to be attached to, and covered by, the signature. In particular, the tag parameter can be used to define an application-specific value as described in Section 7.2.7.

7.2.5. Signature Labels​

7.2.5. Signature Labels