I’d like to see an <input type="credentials" accept="Ed25519" mode="...">, this is a form element that allows for credentials (keys) input.
if “mode” is “sign”, the input’s value is the public key, base64-encoded.
if “mode” is “auth”, the input’s value is the public key, base64-encoded, and the form action’s domain name, separated with a +.
the signatures must come at the end of the form, in the same order as the fields, and must be calculated(?) over the contents of the whole form (excluding the signatures, as you’re already signing the public keys so if all signatures check out it’s probably safe.).
if you need a nonce, just stick an <input type="hidden" name="nonce" value="..."> somewhere.
for implementers, browsing for SSH private keys is probably the easiest way to go, defaulting to ~/.ssh/ on POSIX and whatever the windows equivalent is on windows. (optionally with an UI that doesn’t look like the file browser, to reduce phishing attacks.)
