Great, now all my devices can share the bandwidth and reliability characteristics of a stoned boy scout trying to send smoke signals with a flammable blanket!
EDIT: and the less said about pairing difficulties the better.
EDIT2: From the downvotes it seems that many people have had a radically different experience from mine, which is good, because mine has been awful.
HTCOne-Dell: 1MB file will transfer ~50% of the time, pairing took several tries.
HTCOne-MBP: complete no-go, doesn't even pair.
Nexus6-MBP: paired first try, works reliably at a blazing 100kb/s.
Nexus6-Dell: doesn't even pair.
Nexus6-Fitbit: takes minutes to download a day's activity over bluetooth classic, stalls out completely 50% of the time. BLE doesn't seem to work at all.
MBP-Fitbit: requires dongle, synced once, has had 100% failure rate ever since.
Dell-Fitbit: requires dongle, 100% failure rate.
Compare to USB which delivers tens of MB/s in bandwidth with 100% reliability and no pairing process (RIP plug and play). I love the promise of bluetooth, but in my experience it has consistently fallen spectacularly short of that promise in every regard.
APIs to access HSMs exist already, though – PKCS11 and friends. And HSMs are designed to deal with accesses questionable sources, so if you wanted to improve their accessibility with a HSM-specific standard, it'd be not much of a headache.
All other bazillion USB devices ever made are not designed to deal with security, and exposing them over the internet will blow up spectacularly.
This is just Google trying to reinforce their everything-in-the-cloud-as-web-app model, which they are in a position to do considering they make one of the leading browsers, especially amongst developers.
It's shoehorning everything into ancient technology ill-suited for any of these applications, which is not exclusively Google's fault of course. First HTML was augmented with Javascript, which was augmented with XHTTPRequest, which led to an increased usage of Javascript (Here's where Google comes in), which led to a lot of manpower being invested in optimizing the Javascript engines (trying to run a quirky dynamic language as fast as possible) and then augmenting the browser with "native" OS features like:
* Full-screen mode
* Clipboard control
* Native notifications, with background workers, etc.
* WebMIDI
* OpenGL
* etc.
Which is basically like building a second operating system on top of the already existing architectures. Google tried to further push people this way by coming up with Chromebooks, which in reality actually serve to reinforce my point, since most (not all!) users find them just not sufficient enough.
Which didn't surprise seasoned OpenGL developers at all, because it happens to us all the time, that we see old memory contents in uninitialized buffer objects.
I wish to be able to browse websites, which contain (a) text, (b) associated images, (c) low forms of interactivity, say, comments, or interactive graphics.
This is pretty much the web 2012, or most of German-language web today still.
For browsergames, let’s just use the same paradigm as with apps instead: Bundle them via node+webkit, and integrate a "run locally" API into browsers that automatically downloads a program and runs it locally in a sandbox, but seperately.
In the long term, for games we’ll need to develop a different concept anyway.
But there’s a good reason why no one develops 3D games in PDF, despite PDF supporting 3D objects, scripting, and modification of the document via scripts.
Allowing access to FIDO U2F devices via this would fundamentally break the security model of U2F. It relies on websites being forced to go through a U2F-specific layer in the browser that ensures websites can only request authentication to that site. Without that, any website could do a forwarding attack where it forwarded the authentication request from any other website to the device and used the response to authenticate as you. In order for this to be used for a second factor, you'd basically have a separate authentication dongle for every website.
Seriously though, wired connections are out. Bluetooth is the thing.