For authenticators that cannot fulfill the request (e.g. no matching algorithms, resident key required but not supported), we should filter them from the device list.
(I'm not sure how to communicate to the user that this has been filtered; they might get confused that their device is plugged in but isn't showing up. Maybe we really need to send two lists: available devices and unavailable devices with a reason why they're not applicable.)
Originally posted by @msirringhaus in #149 (review)
For authenticators that cannot fulfill the request (e.g. no matching algorithms, resident key required but not supported), we should filter them from the device list.
(I'm not sure how to communicate to the user that this has been filtered; they might get confused that their device is plugged in but isn't showing up. Maybe we really need to send two lists: available devices and unavailable devices with a reason why they're not applicable.)
Originally posted by @msirringhaus in #149 (review)