jricher
commented
2 years ago - Client instance uses different keys with each AS
- Stolen token bound to different keys, RS will reject
- Client has strong binding between RS and AS used
- Attacker can’t convince client to use “wrong” AS