@mjg59 So the idea would be to not expose some data/ability to command something ever to the OS, right?
Other than the biometrics case, what data/authority would you envision being "taken away" from the OS?
@robryk If the "token" asserts that it requires physical presence, it should never be possible for the OS to trigger that without the user being physically present. Beyond that, I think the primary concern is ensuring that keys can't be transferred between devices.