generated MAC for comparison
Hey James - in this example, we are comparing a MAC that was sent as part of the service response with a MAC generated client-side. The client-side MAC is computed using values from the decrypted payload, which is why we run decryption.
There are other mechanisms for verifying responses such as digital signing, etc, but that is not covered in this title.
Hope that helps.