Uhm, it's the public key, and yes pretty much anyone can have my public key. That's why it's called the "public" key. The private key never leaves the dongle, much like in a hardware cryptocurrency wallet.
This is not true for passkey, which the linked article is about. If you set up passkey on a site on e.g. your Mac, the credentials will be synced through iCloud and you can also use your iPhone or iPad as an authenticator. This raises the questions of the grandparent comment:
1. What if a FAANG company nukes the account that you use for credential syncing?
2. What if a FAANG company has access to your private keys?
In the case of Apple, I think (2) is covered. They use iCloud Keychain, which is already end-to-end encrypted. But I am not sure about other companies (Microsoft, Google). Does the standard require end-to-end encryption of key material?
Seems like they will leave security up to the OS vendors? From the white paper:
We expect that FIDO authenticator vendors (in particular those of authenticators built into OS platforms) will adapt their authenticator implementations such that a FIDO credential can survive device loss. [...]
Just like password managers do with passwords, the underlying OS platform will “sync” the cryptographic keys that belong to a FIDO credential from device to device. This means that the security and availability of a user’s synced credential depends on the security of the underlying OS platform’s (Google’s, Apple’s, Microsoft’s, etc.) authentication mechanism for their online accounts, and on the security method for reinstating access when all (old) devices were lost.