What advantages would this provide over the current methods that make it worth the increased complexity of the server?
Considering https://en.wikipedia.org/wiki/WebAuthn#Criticism Wouldn't waiting for this standard to mature be more prudent?

Is it still in development?

We are thinking in different frameworks. :)

When I speak of the standard maturing I'm referring to it being out in the wild and pounded on for many years. Those Concerns I pointed to could well turn into exploitable problems in the wild.

One must always remember that, "Security is proven, not claimed". Saying xx is secure does not make it so.. Having it be pounded on for years, fixed when it breaks (or abandoned as a bad idea), and then pounded on again until it has stood up unbroken for years is how you know if something is secure. Anything else is marketing.