From 69f17689f597690c1976ec9917e69614122731ce Mon Sep 17 00:00:00 2001
From: Andrey Kislyuk <kislyuk@gmail.com>
Date: Fri, 15 Apr 2022 00:07:55 -0700
Subject: [PATCH] Mention that Authorization header is signed

---
 README.rst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.rst b/README.rst
index c8d0835..6d1634f 100644
--- a/README.rst
+++ b/README.rst
@@ -28,9 +28,9 @@ Usage
   requests.get(url, auth=auth)
 
 By default, only the ``Date`` header and the ``@method``, ``@authority``, and ``@target-uri`` derived component
-identifiers are signed for body-less requests such as GET. The ``Date`` header is set if it is absent. In addition, for
-requests with bodies (such as POST), the ``Content-Digest`` header is set to the SHA256 of the request body using the
-format described in the
+identifiers are signed for body-less requests such as GET. The ``Date`` header is set if it is absent. In addition,
+the ``Authorization`` header is signed if it is present, and for requests with bodies (such as POST), the
+``Content-Digest`` header is set to the SHA256 of the request body using the format described in the
 `IETF Digest Fields draft RFC <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-digest-headers>`_ and signed.
 To add other headers to the signature, pass an array of header names in the ``covered_component_ids`` keyword argument.
 See the `API documentation <https://pyauth.github.io/requests-http-signature/#id3>`_ for the full list of options and