Sending "www-authenticate: bearer" as part of jwt policy validation error response

Is the possible to send WWW-Authenticate: bearer in a JWT policy failure response? For example, this policy:

kind: Policy
name: mhite-elbgateway-jwt
namespace: istio-system
- name: mhite-elbgateway
- jwt:
issuer: ""
jwksUri: ""
- excludedPaths:
- exact: "/"
principalBinding: USE_ORIGIN

When I send a bogus token in a request, I see:

* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 401
< content-length: 29
< content-type: text/plain
< date: Mon, 23 Mar 2020 18:33:07 GMT
< server: istio-envoy
< via: 1.1 google
< alt-svc: clear
Origin authentication failed.

It would be fantastic to support errors here, too. IE:

HTTP/1.1 401 Unauthorized
WWW-Authenticate: error="invalid_token",
error_description="The Access Token expired"

It would be nice to propagate these error codes:

(Envoy uses jwt_verify_lib)

Right now, to even see these, you have to turn on Istio DEBUG logs.