Remove isPPAA() and expand getClientCapabilities()

[timcappalli]

This issue is a summary of a few PRs to consolidate discussion and provide meta context.

There has been much discussion about the pending getClientCapabilities() method and the merged isPasskeyPlatformAuthenticatorAvailable() method, and whether they are both needed.

The original context for isPasskeyPlatformAuthenticatorAvailable() is that the many basic RP developers need the ability to detect whether than can offer passkeys to users. Today, only isUVPAA() is available, which does not tell the whole story as there are WebAuthn clients that do not have a local passkey authenticator, but support hybrid transport for interacting with a remote passkey authenticator (such as a phone or tablet).

After introducing getClientCapabilitities(), there were concerns about introducing duplicate detection methods in the same release. So, the latest update to #1923 (6931dad) changes from an enum to a dict, and adds additional capabilities, including passkeyPlatformAuthenticator. This removes the need for the standalone isPasskeyPlatformAuthenticatorAvailable() method and PR #1936 removes it.

Many developers will be able to rely on getClientCapabilities() by itself to drive their registration and sign in experiences. Based on all the feedback, both from the WG and the developer community, I think this meets everyone halfway.

/cc @emlun @agl @akshayku

[MasterKale]

I like(d) isPasskeyPlatformAuthenticatorAvailable() as a convenient way for RP devs to understand when passkeys are available for use, but I have also bristled in the past on how long the static method names are that get added to PublicKeyCredential. I'd much rather see getClientCapabilities() get established as the way to understand to what degree WebAuthn is supported by a client, so I'm 100% behind this move.

[timcappalli]

Closing as #1923 and #1936 are merged.