I've stumbled upon a strange issue with the /:user/:list_id/members
method. If we use DELETE as the HTTP method, we get back "Could not
authenticate you." when we try to delete a member. If we just switch
to POST and use _method=DELETE, the call succeeds with the _exact_
same secret tokens etc. So, I'm not quite sure why we're getting an
authentication error with DELETE and no error when we use POST
(there's no difference in the auth info in the two calls). Has anyone
else observed this?