I don't understand how can it really prevents exporting passkeys if it can be implemented by open source implementations like keepass.
For example, if keepass do follow the guideline of FIDO Alliance to not implement exporting, but it would still possible to make a fork of keepass that force it to dump the credentials somewhere.
No comments yet.