
Interesting. I've hacked something together for my personal usage with my OpenPGP smartcard for use on my Windows desktop and developer-mode chromebook. In the end I had to work with "chrome native messaging" which basically calls native binaries on the host OS and is a nightmare to set up.

This doesn't look like they're planning to start supporting existing smartcards, but hopefully it's a first step?

My idea was to create a login page that requires the user to sign a secret with their private key which can be completed manually, but also automatically with the click of a button if the extension is installed. The key could live securely on a smartcard or in the user's gpg keyring, it doesn't matter as that part is deferred to gpg.

In case anyone happens to be interested, my undocumented prototype sits at https://github.com/r04r/GPGThing. It consists of a chrome extension, a golang application to do some juggling between json input/output (which is a limitation by chrome native message passing) and gpg, and apache configs to set it up as an authentication method.

There are some more hacks necessary to get it working on chromebook, including a crouton installation with gpg.
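An added example, not part of the comment above and not taken from the GPGThing repository: the length-prefixed JSON framing that a Go native messaging host has to speak on stdin/stdout, with the length bounded before anything is allocated or passed on to gpg. The `Request` shape, the `maxIn` cap and the function names are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"encoding/json"
	"errors"
	"fmt"
	"io"
)

// Request is a hypothetical shape; the prototype's real JSON fields are not on the page.
type Request struct{ Challenge string `json:"challenge"` }

const maxIn, maxOut = 64 << 10, 1 << 20 // assumed input cap; Chrome's 1 MB cap on host replies

var ErrBadLength = errors.New("native message length out of range")

// ReadMessage reads one frame: uint32 length in native byte order (little-endian assumed), then JSON.
func ReadMessage(r io.Reader, v interface{}) error {
	var n uint32
	if err := binary.Read(r, binary.LittleEndian, &n); err != nil {
		return err
	}
	if n == 0 || n > maxIn { // bound the allocation before trusting the prefix
		return ErrBadLength
	}
	buf := make([]byte, n)
	if _, err := io.ReadFull(r, buf); err != nil {
		return err // a short frame surfaces as io.ErrUnexpectedEOF
	}
	return json.Unmarshal(buf, v) // also rejects trailing bytes inside the frame
}

// Frame prefixes an already-encoded JSON reply with its length, ready for one write to stdout.
func Frame(body []byte) ([]byte, error) {
	if len(body) > maxOut {
		return nil, ErrBadLength
	}
	out := make([]byte, 4, 4+len(body))
	binary.LittleEndian.PutUint32(out, uint32(len(body)))
	return append(out, body...), nil
}

func main() {
	wire, _ := Frame([]byte(`{"challenge":"constructed-nonce"}`)) // constructed input
	var req Request
	err := ReadMessage(bytes.NewReader(wire), &req)
	fmt.Println(req.Challenge, err)
}
```

In a real host `ReadMessage` would be called on `os.Stdin` and the framed reply written to `os.Stdout`; anything else printed to stdout corrupts the stream, so diagnostics belong on stderr.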



Is there more info on GPG smart cards? I use a SafeNet eToken and highly recommend it but it does X.509 certificates instead of GPG.


I've found https://wiki.debian.org/Smartcards/OpenPGP a really good resource with plenty of links. There's also https://www.gnupg.org/howtos/card-howto/en/smartcard-howto-s... & http://www.narf.ssji.net/~shtrom/wiki/tips/openpgpsmartcard which I've found helpful. Once they're set up they behave just as if the key was part of your local keyring encrypted with the smartcard's passphrase, but is of course only usable when the card is plugged in.

It actually seems like the Yubikey Neo also supports GPG, so that is quite nice. I own http://shop.kernelconcepts.de/product_info.php?products_id=4... & http://shop.kernelconcepts.de/product_info.php?products_id=1...



