Makes me wonder how WebAuthN will fare. As long as the browser is in control of the UX for managing keypairs, I don't see strong browser crypto ever succeeding, because it will fail in the same way <keygen> did: horrible browser UX. Also nobody wants all their keys stuck in one browser. You need a software layer to help you manage your keys and share them across devices. That is unless every website adopts a "device registration" pattern where a user is just a collection of trusted "devices".