Phishing is resisted because the URL of the site is used in the key generation algorithm. So a site with a similar looking but different URL won't yield a workable token, even if the user is tricked into authenticating to the fake site.
You'd really have to be a state actor to be able to generate a phishing site on the original URL with a valid certificate as well.
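A toy model of the origin binding described above, added here as an illustration and not code from any poster or from the WebAuthn/FIDO specifications: the browser feeds the site's domain (the relying-party ID) into the authenticator's key derivation and into the signed client data, so a lookalike domain relaying the real site's challenge produces an assertion the real site rejects. Constructed simplification: HMAC with a shared key stands in for the real per-site asymmetric key pair, and all domain names and secrets are made up.

```python
import hashlib
import hmac
import json
import os


def site_key(device_secret: bytes, rp_id: str) -> bytes:
    """Per-site key: the relying-party ID (the site's domain) is an input to the
    derivation, so a different domain yields a different, unrelated key."""
    return hmac.new(device_secret, rp_id.encode(), hashlib.sha256).digest()


def authenticator_assert(device_secret: bytes, rp_id: str, origin: str, challenge: bytes) -> dict:
    """What the authenticator hands back. rp_id and origin come from the browser,
    taken from the page's actual TLS origin; the page's script cannot choose them."""
    client_data = json.dumps(
        {"type": "webauthn.get", "challenge": challenge.hex(), "origin": origin}
    ).encode()
    to_sign = hashlib.sha256(rp_id.encode()).digest() + hashlib.sha256(client_data).digest()
    sig = hmac.new(site_key(device_secret, rp_id), to_sign, hashlib.sha256).digest()
    return {"client_data": client_data, "sig": sig}


def relying_party_verify(expected_origin: str, rp_id: str, registered_key: bytes,
                         challenge: bytes, assertion: dict) -> bool:
    """Server-side check: origin and challenge inside client_data must match what the
    site expects, and the signature must verify under the key registered for the account."""
    try:
        cd = json.loads(assertion["client_data"])
    except (KeyError, ValueError):
        return False
    if cd.get("origin") != expected_origin or cd.get("challenge") != challenge.hex():
        return False
    to_sign = hashlib.sha256(rp_id.encode()).digest() + hashlib.sha256(assertion["client_data"]).digest()
    expected = hmac.new(registered_key, to_sign, hashlib.sha256).digest()
    return hmac.compare_digest(expected, assertion.get("sig", b""))


def demo() -> tuple:
    """Constructed scenario; returns (genuine_login_ok, relayed_phishing_ok)."""
    device_secret = os.urandom(32)
    rp_id, origin = "bank.example", "https://bank.example"
    registered = site_key(device_secret, rp_id)  # stored by the bank at registration
    challenge = os.urandom(32)
    genuine = authenticator_assert(device_secret, rp_id, origin, challenge)
    # A lookalike site relays the bank's real challenge, but the browser reports the
    # lookalike's own domain, so the wrong key signs and the origin field mismatches.
    phished = authenticator_assert(device_secret, "bank-example.test",
                                   "https://bank-example.test", challenge)
    return (relying_party_verify(origin, rp_id, registered, challenge, genuine),
            relying_party_verify(origin, rp_id, registered, challenge, phished))
```

Rewriting the origin field in the relayed assertion does not help either, because the signature covers the hash of the client data, so any edit invalidates it.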