h=a:a:b:c:b:d
A: 1
A: 2
B: 3
C: 4
B: 5
D: 6



h=a:a:b:c:b:d
C: 4
D: 6
B: 3
B: 5
A: 0
A: 1
A: 2



When RFC4870 signing with an h= tag,
a signer MUST include all headers presented to the signing algorithm,
in the order they were presented the signing algorithm.

a signer, when encountering multiple-occuring headers, MAY list those
header names more than once

--

I conclude from this that signers SHOULD reorder the headers so
that multiple-occuring headers occur together.

--

a verifier, if a header is listed only once in h=, but there are
multiple of those headers available, MUST play back those multiple
headers together.