Hapi only seems to set an Authorization header and no Server-Authorization header when using Hawk. Hapi seems to call the Hawk's server header generation but assign it to the Authorization field instead of the Server-Authorization field:

    var header = Hawk.server.header(artifacts, options);
    if (header) {
        request.response.header('Authorization', header);
    }

Again, am I missing something?