How does reusing oHTTP cause invalid a Signature?

I was testing some code with Amazon MWS and everything worked all right in my tests but in production I kept getting errors saying the signature I supplied did not agree with what Amazon calculated. I tracked it down to reusing the HTTP object. If I create a new HTTP object for each request everything works fine. If I reuse the HTTP object and just change the query string I get the signature errors. So I would like to know how the reuse of the HTTP object is affecting the signature that Amazon calculates. My code is shown below.

Thanks,
Simon

lo=CreateObject("wwHTTP")
      lo.nHTTPPostMode=1
      lo.nHTTPConnectType=0
      lo.nConnectTimeOut=60
      lo.cHTTPProxyName=""
      lo.cHTTPVerb="POST"
      lo.AddHeader("User-Agent",Alltrim(GetSysVal("AR","Amzn_UserAgent")))

      lcStr1="POST"+Chr(10)+;
            Strtran(Lower(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"https://","",1,1,1)+Chr(10)+;
            [/]+Chr(10)
      lcStr2=[AWSAccessKeyId=]+URLEncode(AllTrim(GetSysVal("AR","Amzn_AWSAccessKeyID")))+;
            [&Action=RequestReport]+;
            [&EndDate=]+URLEncode(Ttoc(ToTimeZone(Datetime(),lcAppTimZon,"TIMZONE12"),3))+;
            [&Merchant=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_MerchantID")))+;
            [&ReportType=_GET_FLAT_FILE_ORDERS_DATA_]+;
            [&SignatureMethod=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigMethod")))+;
            [&SignatureVersion=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigVersion")))+;
            [&StartDate=]+URLEncode(Ttoc(ToTimeZone(Datetime()-86400,lcAppTimZon,"TIMZONE12"),3))+;
            [&Timestamp=]+URLEncode(Ttoc(ToTimeZone(Datetime(),lcAppTimZon,"TIMZONE12"),3)+"Z")+;
            [&Version=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_Version")))

      lcSig=Strconv(HMAC(lcStr1+lcStr2,Alltrim(GetSysVal("AR","Amzn_SecretKey")),DC_SHA256),13)
   
      lcStr2=lcStr2+[&Signature=]+URLEncode(lcSig)
    
      leRtn=lo.HTTPGet(Chrtran(Addbs(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"\","/")+"?"+lcStr2) 
      lcReqID=StrExtract(leRtn,"<ReportRequestId>","</ReportRequestId>",1,1)
      lo=""
      
Set Step on      

*
* If I uncomment the following 10 lines Amazon confirms that the signature is
* correct.  If I leave them commented Amazon says the signature is incorrect.
*      

*      lo=CreateObject("wwHTTP")
*      lo.nHTTPPostMode=1
*      lo.nHTTPConnectType=0
*      lo.nConnectTimeOut=60
*      lo.cHTTPProxyName=""
*      lo.cHTTPVerb="POST"
*      lo.AddHeader("User-Agent",Alltrim(GetSysVal("AR","Amzn_UserAgent")))
*      lcStr1="POST"+Chr(10)+;
*            Strtran(Lower(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"https://","",1,1,1)+Chr(10)+;
*            [/]+Chr(10)


*
* Only retrieve the reports that have not been acknowledged.
*         
      lcStr2=[AWSAccessKeyId=]+URLEncode(AllTrim(GetSysVal("AR","Amzn_AWSAccessKeyID")))+;
            [&Acknowledged=false]+;
            [&Action=GetReportList]+;
            [&MaxCount=100]+;
            [&Merchant=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_MerchantID")))+;
            [&ReportTypeList.Type.1=_GET_FLAT_FILE_ORDERS_DATA_]+;
            [&SignatureMethod=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigMethod")))+;
            [&SignatureVersion=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigVersion")))+;
            [&Timestamp=]+URLEncode(Ttoc(ToTimeZone(Datetime(),lcAppTimZon,"TIMZONE12"),3)+"Z")+;
            [&Version=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_Version")))
       lcSig=Strconv(HMAC(lcStr1+lcStr2,Alltrim(GetSysVal("AR","Amzn_SecretKey")),DC_SHA256),13)
   
      lcStr2=lcStr2+[&Signature=]+URLEncode(lcSig)
    
      leRtn=lo.HTTPGet(Chrtran(Addbs(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"\","/")+"?"+lcStr2) 
      lo=""