Post from 2024-09-04 09:15:15

@cynicalsecurity

IMO a major difference here is that TLS auth was never meant to guarantee anything about the intentions of the other party, so crooks obtaining certs (for money or for free) is not something to be fixed. This means that communicating that lock==trust has been plain wrong (see also signed .exe==goodware).

In the case of security keys, attacks like the current one aren't supposed to happen, and there is an incentive to fix/prevent such issues. This of course should not mean that we should blindly trust these devices (as you pointed out), but I'd argue that the concepts the industry communicates (separate your keys from your computer; prevent duplication...) are mostly right in this case ("save your keys in the cloud" is an obvious counter-example).

@bgergely0 @dotstdy @whitequark