I want to be able to insert my own key material into the FIDO2 Authenticator. At least, there is no need to trust the seller (as we cannot guarantee that the seller will keep copies of the keys for himself, at the request of the government or for any other reason).
Therefore, I believe that it would be very valuable for customers to be able to define their own key material.
Yubico, however, argues that if they allow it, it would "undermine device authentication, which is likely to exclude these authenticators from high-security applications such as financial institutions".
I do not know the exact rules in this area, so my main question is: if that's true, I'm struggling to understand why, by setting my own key material (and thus improving my personal safety), I would disqualify the authenticator from being used.
Also, it looks a bit ironic that these days financial institutions tend to trust SMS and not U2F, although SMS is far from secure. However, I hope that this will change someday.
The discussion takes place here: Extension of the WebAuthn recovery credentials