by superzamp 2780 days ago
Not at all, the specification is indeed very clear. Thanks for the link!
1 comments

Channel ID has been deprecated and replaced by Token Binding, but I'm sure U2F sites don't use either. The real protection is quite simple: incorporating the origin (domain name) in the protocol. So phishers would get a bad response from the token.
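The origin binding described in the comment above, as an added example that is not part of the original thread. It is a simplified model: the `ToyToken` class, the helper names and both origins are constructed for illustration, the appId is taken to be the origin itself, and HMAC stands in for the ECDSA P-256 signature a real token produces.

```python
import hashlib
import hmac
import os

SW_NO_ERROR = 0x9000    # U2F status word: request succeeded
SW_WRONG_DATA = 0x6A80  # U2F status word: key handle not accepted by this token


def app_param(origin: str) -> bytes:
    """Application parameter: SHA-256 of the origin, computed by the browser."""
    return hashlib.sha256(origin.encode()).digest()


class ToyToken:
    """Hypothetical token model; HMAC replaces the real ECDSA signature."""

    def __init__(self) -> None:
        self._secret = os.urandom(32)  # device secret, never leaves the token

    def _tag(self, param: bytes, nonce: bytes) -> bytes:
        return hmac.new(self._secret, param + nonce, hashlib.sha256).digest()

    def register(self, param: bytes) -> bytes:
        nonce = os.urandom(16)
        return nonce + self._tag(param, nonce)  # key handle bound to the origin

    def authenticate(self, param: bytes, challenge_param: bytes, handle: bytes):
        nonce, tag = handle[:16], handle[16:]
        if not hmac.compare_digest(tag, self._tag(param, nonce)):
            return SW_WRONG_DATA, b""  # handle was issued for another origin
        key = self._tag(param, b"sign" + nonce)
        sig = hmac.new(key, param + challenge_param, hashlib.sha256).digest()
        return SW_NO_ERROR, sig


def browser_sign(token: ToyToken, page_origin: str, challenge: str, handle: bytes):
    """The browser, not the page's script, supplies the origin sent to the token."""
    client_data = f'{{"challenge":"{challenge}","origin":"{page_origin}"}}'.encode()
    challenge_param = hashlib.sha256(client_data).digest()
    return token.authenticate(app_param(page_origin), challenge_param, handle)


def demo():
    token = ToyToken()
    handle = token.register(app_param("https://example.com"))  # constructed origin
    real, _ = browser_sign(token, "https://example.com", "c1", handle)
    phish, _ = browser_sign(token, "https://example-login.invalid", "c1", handle)
    return real, phish


if __name__ == "__main__":
    print([hex(status) for status in demo()])
```

A phishing page can relay the real site's challenge and key handle, but it cannot choose the origin the browser hashes, so the token returns an error status and no signature.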