If we choose to keep this section in this part off the spec, should we add more clarification on why the "requested_cnf" claim may have to be included in the assertion grant (e.g. make it clear the purpose of this claim is allow the Authorization Server in Domain B to bind the key to the requested_cnf claim)?
If we choose to keep this section in this part off the spec, should we add more clarification on why the "requested_cnf" claim may have to be included in the assertion grant (e.g. make it clear the purpose of this claim is allow the Authorization Server in Domain B to bind the key to the requested_cnf claim)?