w3c-ccg / http-signatures

Signing HTTP Messages specification

Home Page: https://w3c-dvcg.github.io/http-signatures/

Wrong reference in section 3.1. "Authorization Header"

sebastien-rosset opened this issue

Section 3.1 has the following paragraph:

The client is expected to send an Authorization header (as defined in
   RFC 7235 [RFC7235], Section 4.1 [11]) where the "auth-scheme" is
   "Signature" and the "auth-param" parameters meet the requirements
   listed in Section 2: The Components of a Signature.

It's a bit confusing because section 3.1 includes the "Authorization" header but it has a reference to the "WWW-Authenticate" section of RFC 7235. Then section 3.1.1 has an example with the "WWW-Authenticate" header, then section 3.1.2 uses the "Authorization" header.

I think you meant "RFC 7235 [RFC7235], Section 4.2" (??)

I believe you are correct.

Authorization is section 4.2: https://tools.ietf.org/html/rfc7235#section-4.2