> Approximately nobody thinks users shouldn't be able to access their keys in the general case

Citation needed. To me it seems to be the quiet part that they aren't saying out loud. If it's just a consequence of the spec being unfinished, then they shouldn't threaten to ban KeepassXC for this. The purpose of a system is what it does, and commercial passkey implementations lock users out of their credentials and uses it to strengthen vendor lock-in.

> Is it a super useful feature? No

It's security theater and a way for websites to annoy users unnecessarily.

> KeePassXC is not "being threatened with being banned via attestation".

https://github.com/keepassxreboot/keepassxc/issues/10406#iss...

It's a thinly veiled threat. Making a certification process and refusing to certify KeepassXC is exactly the same as banning it.