Currently, we don't check the binding between realm and platform tokens. As part of verification API we should make sure that the nonce in the platform token is the hash of raw public key found in the realm token (using the specified hash algorithm).
Currently, we don't check the binding between realm and platform tokens. As part of verification API we should make sure that the nonce in the platform token is the hash of raw public key found in the realm token (using the specified hash algorithm).