WebAuthn divides authenticator connections into two categories:
-
Platform authenticators which are provided by the device itself. Passkeys as well as the existing FaceID/TouchID support in Safari fall into this category. You can typically only use these on the same machine as before, although Passkeys is trying to expand these to be synced across devices on your Apple account.
-
Cross-platform authenticators (or "roaming" authenticators), which communicate over some sort of transport like USB, BLE, NFC, etc. These can be used whenever the authenticator is available over that transport and the browser/platform you are on supports them - most Macs are not going to have much luck using NFC to talk to an authenticator.
That said, there's nothing saying an authenticator can't be both - that you couldn't use your iPhone as an authenticator for your Windows laptop over USB/BLE/NFC. This is possible today.
That said, there are some issues with the bluetooth transport support. One is that you can't be sure you are pairing with the actual device, rather than an intermediary. Another is that the pairing with devices is at the platform level, while often it is the browser which really needs to establish and maintain that pairing. Keeping the bluetooth radio active in case an authentication request is sent is expensive, and trying to increase the reliability and decrease the latency when that message is sent is challenging cross-stack.
Google has been experimenting with solutions here, including a project called CaBLE which has been iterating within Chrome. CaBLE uses QR codes to establish a link between two devices rather than using traditional bluetooth pairing, and can synchronize that pairing between computers (for instance, across chrome instances signed into a google account).
While I am not privy to Apple's plans, I suspect they would be more inclined to these roaming approaches where other devices could use your phone as an authenticator, rather than letting the secrets be shared to non-Apple devices. Higher security uses such as enterprise and financial login will be paying close attention to the level of protection Apple's platform provides for these secrets when deciding whether to accept Passkeys.