Sure, but why not preserve the option for people to use hardware keys?
Unfortunately, both the FIDO and WebAuthN working groups seem to be dead-set on making the hardware authenticator use case as painful as possible [1] [2] [3].
I just don't get it. Why even try to pretend that WebAuthN is a single API for both use cases when all stakeholders in charge seem to have given up on one of them?
Unfortunately, both the FIDO and WebAuthN working groups seem to be dead-set on making the hardware authenticator use case as painful as possible [1] [2] [3].
I just don't get it. Why even try to pretend that WebAuthN is a single API for both use cases when all stakeholders in charge seem to have given up on one of them?
[1] https://github.com/fido-alliance/how-to-fido/issues/16
[2] https://github.com/w3c/webauthn/issues/1612
[3] https://github.com/w3c/webauthn/issues/1822