I think Persona failed because it simply wasn't the easiest option for the end-user. When given the choice to create an account on Persona, or sign in with the social media account they already have, most people will follow the principle of least effort and use their existing social account.
However, outside of a prototype addon, that approach never materialized. And without that, Persona didn't have a compelling use case except for people who didn't want to trust signing in via Facebook or Google or Twitter.
We're finally starting to see standards proposals that address this, and allow signing in via cryptographic authentication built into your browser. I hope to see those make OAuth obsolete for any use case other than API access to an account (e.g. "allow this site to integrate with Github").
could you point us at these - would've very interested as thelack of PKI in the world does bother me
Disclaimer: I have not reviewed this spec in detail yet, and my confidence in the W3C is not high.
For that matter, the description shown on that page suggests that it supports using the key on the hardware token as the only authentication factor. That seems dangerous. Unlike a key stored on an encrypted disk, a U2F key typically works for anyone who steals it. Firefox needs to use that key together with another key stored in the browser, or otherwise ensure that someone who steals the U2F key does not gain access to every account secured with WebAuthn.
and as someone else mentioned the After Action Report summarized the bullet points well: https://wiki.mozilla.org/Identity/Persona_AAR