by jmwilson 1576 days ago
"Much simpler than webauthn" Is it? Trying out https://webauthn.io/, I can log in using a security key without hitting the command line and copy & pasting some base64 string.

"Private keys never leave end users' devices" How does it guarantee that, considering it saves the private key in the file system? It can be trivially copied off device from there.

The examples also appear to encourage key reuse, and since the challenge is the current time, the signed auth message can be replayed against any other site where the user set up using the same key.

1 comments

Users can have a different key pair for each website. Also, signatures may not be re-used and are only valid for a few seconds. Try to create a key pair and log in to the test website.

"Simpler" is a weasel word that can either mean "easier" or "more primitive", and in this case it's the latter.

Webauthn doesn't require separate keys per site and user vigilance to stay secure, because it has a not-so-simple challenge-response protocol that is site-specific. For end users Webauthn is easier to use: just press a foolproof button.

I don't want to sound too negative. ed25519 keys are neat, and have fun implementing software using them. Let's just be realistic that a practical cryptographic system needs many more features, and Webauthn has them for a reason.

Users demonstrably reuse credentials across systems. If you are relying on users to always create a new key pair for each service, they simply won’t do that.

A few seconds is plenty of time for an automated system to cause harm.
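
The difference the thread argues over, between a timestamp-only signed message and a site-specific challenge-response, can be seen from the verifier's side. This is an added example, not part of any comment above and not the project's code; the message formats, function names and `*.example` origins are assumptions made for illustration, and one Ed25519 key pair stands in for a user who registered the same key at two sites.

```javascript
// Added example: hypothetical verifiers, simplified message formats.
const crypto = require('node:crypto');

// One reused key pair, registered at both sites (the key-reuse case from the thread).
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const sign = (msg) => crypto.sign(null, Buffer.from(msg), privateKey);
const valid = (msg, sig) => crypto.verify(null, Buffer.from(msg), publicKey, sig);

// Scheme A: the signed message is only the current time.
// Nothing in it names the site, so every site's check is the same function.
function verifyTimeOnly(msg, sig, now, windowMs = 5000) {
  const ts = Number(msg);
  return valid(msg, sig) && Number.isFinite(ts) && Math.abs(now - ts) <= windowMs;
}

// Scheme B: the site issues a single-use nonce and the signed message names the origin.
function makeSite(origin) {
  const pending = new Set();
  return {
    origin,
    challenge() {
      const nonce = crypto.randomBytes(16).toString('hex');
      pending.add(nonce);
      return nonce;
    },
    verify(msg, sig) {
      if (!valid(msg, sig)) return false;
      let parsed;
      try { parsed = JSON.parse(msg); } catch { return false; }
      if (!parsed || parsed.origin !== origin) return false; // signed for another site
      return pending.delete(parsed.nonce); // true only once per issued nonce
    },
  };
}

function demo() {
  const now = Date.now();
  const timeMsg = String(now);
  const timeSig = sign(timeMsg);
  const siteA = makeSite('https://a.example');
  const siteB = makeSite('https://b.example');
  const boundMsg = JSON.stringify({ origin: siteA.origin, nonce: siteA.challenge() });
  const boundSig = sign(boundMsg);
  return {
    timeOnlyAtA: verifyTimeOnly(timeMsg, timeSig, now + 1000), // intended login
    timeOnlyAtB: verifyTimeOnly(timeMsg, timeSig, now + 2000), // same message, other site
    boundAtB: siteB.verify(boundMsg, boundSig),      // rejected: wrong origin
    boundAtA: siteA.verify(boundMsg, boundSig),      // accepted once
    boundAtAAgain: siteA.verify(boundMsg, boundSig), // rejected: nonce already consumed
  };
}
```

Calling `demo()` shows the timestamp-only message passing both checks inside the validity window, while the origin-and-nonce message is accepted exactly once and only by the site that issued the challenge.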