https://tools.ietf.org/html/draft-ietf-oauth-token-binding-01 supports two ways to token bind the access token. The standard way, and the alternative way:
the client to generate a Token Binding key to use for the protected resource, use the Token Binding ID for that key, and then later use that key when the TLS connection to the protected resource is established. (Source) Last Para of Section 3 of draft-ietf-oauth-token-binding-01
The question here is that should we support this alternative way or do we just requrie the standard way?