Nathan D. Bowen wrote: > Maybe we'll call it "the token" in the specification regardless of > whether it's digested, hashed, or signed. Then we might as well call > the variable "token". Oops, I skipped a step there -- if the token is called a "token", this variable (currently called "auth") would be describing the "token_format", right?