Handling of non-fully active documents for PublicKeyCredential methods

[nsatragno]

Documents become non-fully active after they are navigated away.

User agents must not allow the user to interact with child navigables whose container documents are not themselves fully active.

The Credential Management specification rejects promises returned by navigator.create and navigator.get with InvalidStateError if the document is not fully active.

Should we specify that we do the same for methods that hang from PublicKeyCredential (isuvpaa, iscma, signal*, get client capabilities)? Chrome will throw if the document is not fully-active for methods that return a promise. For signal*, we won't change this behaviour: signal* methods may result in UI, and we need a document to attach that UI to. isuvpaa, iscma, and get client capabilities I could see us going either way, but honestly there's no reason to call these from a detached document.

Let's standardize this behaviour and reject for non-fully active documents.