Commit

Merge pull request w3c#2138 from w3c/2136-tc-dfn-passkey
Adds dfn for passkey in passkey platform authenticator and exports
agl authored Sep 11, 2024
2 parents 54e6346 + ee25bae commit fb6351b
Showing 1 changed file with 9 additions and 4 deletions.
13 changes: 9 additions & 4 deletions index.bs
Expand Up @@ -497,7 +497,7 @@ A variety of additional use cases and configurations are also possible, includin
In this section, we walk through some events in the lifecycle of a [=public key credential=], along with the corresponding
sample code for using this API. Note that this is an example flow and does not limit the scope of how the API can be used.

As was the case in earlier sections, this flow focuses on a use case involving a [=first-factor roaming authenticator=]
As was the case in earlier sections, this flow focuses on a use case involving a [=passkey roaming authenticator=]
with its own display. One example of such an authenticator would be a smart phone. Other authenticator types are also supported
by this API, subject to implementation by the [=client platform=]. For instance, this flow also works without modification for the case of
an authenticator that is embedded in the [=client device=]. The flow also works for the case of an authenticator without
Expand Down Expand Up @@ -1036,7 +1036,7 @@ BCP 14 [[!RFC2119]] [[!RFC8174]] when, and only when, they appear in all capital
: <dfn>Client-side discoverable Public Key Credential Source</dfn>
: <dfn>Client-side discoverable Credential</dfn>
: <dfn>Discoverable Credential</dfn>
: <dfn>Passkey</dfn>
: <dfn export>Passkey</dfn>
: \[DEPRECATED] <dfn>Resident Credential</dfn>
: \[DEPRECATED] <dfn>Resident Key</dfn>
:: Note: Historically, [=client-side discoverable credentials=] have been known as [=resident credentials=] or [=resident keys=].
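Review bot: only the Passkey entry in this definition group gains the export attribute, while the sibling entries listed with it (Client-side discoverable Credential, Discoverable Credential) stay unexported, so other specifications can cross-link the synonym but not the terms it is a synonym for. If that asymmetry is intended, a short note in the commit message would help; otherwise consider adding export to the sibling dfns in the same change.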
Expand Down Expand Up @@ -4971,7 +4971,7 @@ lists and names some [=authenticator types=] of particular interest.
<td> [=Single-factor capable=] </td>
</tr>
<tr>
<th> <dfn>First-factor roaming authenticator</dfn> </th>
<th> <dfn>Passkey roaming authenticator</dfn> </th>
<td> [=cross-platform attachment|cross-platform=] </td>
<td> [=client-side credential storage modality|Client-side storage=] </td>
<td> [=Multi-factor capable=] </td>
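Review bot: renaming the dfn in this table row removes First-factor roaming authenticator as a link target, so any [=first-factor roaming authenticator=] reference left elsewhere in index.bs will no longer resolve. The terminology list earlier in the file keeps retired names as \[DEPRECATED] dfns (Resident Credential, Resident Key); consider keeping the old term the same way, or confirm that this commit updates every remaining reference.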
Expand All @@ -4995,13 +4995,18 @@ A [=second-factor roaming authenticator=] is more likely to be used
to authenticate on a particular [=client device=] for the first time,
or on a [=client device=] shared between multiple users.

[=User-verifying platform authenticators=] and [=first-factor roaming authenticators=]
[=Passkey platform authenticators=] and [=passkey roaming authenticators=]
enable passwordless [=multi-factor=] authentication.
In addition to the proof of possession of the [=credential private key=],
these authenticators support [=user verification=] as a second [=authentication factor=],
typically a PIN or [=biometric recognition=].
The [=authenticator=] can thus act as two kinds of [=authentication factor=],
which enables [=multi-factor=] authentication while eliminating the need to share a password with the [=[RP]=].
These authenticators also support [=discoverable credentials=], also called [=passkeys=],
meaning they also enable authentication flows where username input is not necessary.

The [=user-verifying platform authenticator=] class is largely obsoleted by the [=passkey platform authenticator=] class,
but the definition is still used by the {{PublicKeyCredential/isUserVerifyingPlatformAuthenticatorAvailable}} method.

The combinations not named in <a href="#table-authenticatorTypes">Table <span class="table-ref-previous"></span></a>
have less distinguished use cases:
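Review bot: the new closing paragraph says the [=user-verifying platform authenticator=] class is largely obsoleted by the [=passkey platform authenticator=] class but does not say how the two differ, so a reader cannot tell what a true result from isUserVerifyingPlatformAuthenticatorAvailable does and does not imply. Since the sentence added just above ties passkey authenticators to [=discoverable credentials=], consider stating in one clause whether that is the distinguishing property. No hunk shown here defines Passkey platform authenticator, so please confirm the new [=Passkey platform authenticators=] links resolve. As a style point, the added sentence uses "also" three times ("also support", "also called", "they also enable") and could drop the last one.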

0 comments on commit fb6351b