The note, which is intended to clarify what an RPID is, makes things even less clear
Reported by antonio....@gmail.com, Jun 20 2018
Issue description
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Steps to reproduce the problem:
The WebAuthn spec says [1]:

"A Public key credential's scope is for a Relying Party's origin, with the following restrictions and relaxations:
* The scheme is always https (i.e., a restriction), and,
* the host may be equal to the Relying Party's origin's effective domain, or it may be equal to a registrable domain suffix of the Relying Party's origin's effective domain (i.e., an available relaxation), and,
* all (TCP) ports on that host (i.e., a relaxation).
This is done in order to match the behavior of pervasively deployed ambient credentials (e.g., cookies, [RFC6265]). Please note that this is a greater relaxation of "same-origin" restrictions than what document.domain's setter provides."
The keys are supposed to be bound to specific domains, but Chrome has a small glitch in the port logic.
You can find a POC at https://www.intothesymmetry.com/
As you can see, the Security Key works like a charm even if a different port is used:
// COSE algorithm identifier for ES256 (ECDSA with SHA-256), the value the PoC's
// cose_alg_ECDSA_w_SHA256 constant refers to.
const cose_alg_ECDSA_w_SHA256 = -7;

// The snippet was a fragment of a larger function in u2f.js; it is wrapped here
// so that it is complete. `challenge`, `user` and the `registered` callback are
// supplied by the page that calls it.
function register(challenge, user, registered) {
  navigator.credentials.create({
    publicKey: {
      challenge: new TextEncoder().encode(challenge),
      pubKeyCredParams: [{
        type: 'public-key',
        alg: cose_alg_ECDSA_w_SHA256
      }],
      rp: {
        // The RP ID carries a port: this is the point of the report.
        id: 'www.intothesymmetry.com:5001',
        name: 'Nov Sample'
      },
      user: user
    }
  }).then(registered);
}
See view-source:https://www.intothesymmetry.com/u2f.js
[1] https://w3c.github.io/webauthn/#rp-id
What is the expected behavior?
This should work.
What went wrong?
Uncaught (in promise) DOMException: The relying party ID 'www.intothesymmetry.com:5001' is not a registrable domain suffix of, nor equal to 'https://www.intothesymmetry.com'.
Did this work before? N/A
Does this work in other browsers? N/A
Chrome version: 67.0.3396.87 Channel: stable
OS Version: OS X 10.13.3
Flash Version:
Jun 20 2018
Thanks for the report, Antonio! I agree that the part you quoted from the spec is rather unclear and should be rephrased. The intention of the spec (and the behavior of Chrome) is that the API can be called with the RPID "example.com" from any of the following origins:
https://example.com
https://example.com:5001
https://login.example.com
However, the format of the RPID is always a domain name, that is, "example.com", so it cannot have a scheme or a port.
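The scoping rules quoted from the spec in the report, and the answer above that an RP ID is always a bare domain name, can be written down as one check. The following is an added example, not code from the bug report, from the WebAuthn spec or from Chromium: it decides whether an RP ID may be used from a caller origin (https only; RP ID equal to the origin's host or a registrable domain suffix of it; any port; no scheme, port or path inside the RP ID). The PUBLIC_SUFFIXES table is a constructed placeholder for the Public Suffix List, and the function and variable names are ours.

```javascript
// Added example (not from the report or from Chromium): is rpId usable from
// origin under the WebAuthn RP ID scoping rules?

// Constructed placeholder for the Public Suffix List, just enough for the
// cases below. A real client uses the complete list; without this check an
// RP ID such as "com" would scope a single credential to every site under .com.
const PUBLIC_SUFFIXES = new Set(['com', 'org', 'net', 'uk', 'co.uk']);

function isIpLiteral(host) {
  // The URL parser brackets IPv6 literals; IPv4 literals are dotted decimal.
  return host.startsWith('[') || /^\d{1,3}(\.\d{1,3}){3}$/.test(host);
}

// Returns null when rpId is acceptable for origin, otherwise a reason string.
// The main rejection text mirrors the DOMException quoted in the report.
function rpIdError(origin, rpId) {
  let url;
  try {
    url = new URL(origin);
  } catch (e) {
    return `'${origin}' is not a valid origin`;
  }
  if (url.protocol !== 'https:') {
    return `WebAuthn requires an https origin, got '${url.protocol}'`;
  }
  const host = url.hostname; // the origin's port is deliberately ignored
  const id = rpId.toLowerCase();
  const notSuffix =
    `The relying party ID '${rpId}' is not a registrable domain suffix of, ` +
    `nor equal to '${url.origin}'.`;

  // An RP ID is a domain name: no scheme, no port, no path, not empty.
  if (id === '' || /[:\/]/.test(id)) return notSuffix;
  if (id === host) return null; // exact match, also for an IP-literal origin

  // Suffix relaxation: only between domain names, only on a label boundary,
  // and never onto a public suffix.
  if (isIpLiteral(host) || !host.endsWith('.' + id)) return notSuffix;
  if (PUBLIC_SUFFIXES.has(id)) {
    return `'${rpId}' is a public suffix and cannot scope a credential`;
  }
  return null;
}

function isRpIdAllowed(origin, rpId) {
  return rpIdError(origin, rpId) === null;
}

// The two situations from the thread: a port in the origin is fine,
// a port in the RP ID is not.
console.log(rpIdError('https://www.intothesymmetry.com:5001', 'www.intothesymmetry.com')); // null
console.log(rpIdError('https://www.intothesymmetry.com', 'www.intothesymmetry.com:5001')); // the DOMException text
```

The second call reproduces the exact message from the report, while the first shows that https://www.intothesymmetry.com:5001 may register a credential for the RP ID www.intothesymmetry.com, which is the relaxation the spec text was trying to describe. The same check is what a relying party's server should apply to the origin in clientDataJSON before accepting a registration or assertion.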
Jun 20 2018
See https://github.com/w3c/webauthn/issues/963 (submitted by engendy (thx)).
Jul 30
Antonio, can you please take a look at the new text and let us know if it is clearer now? I'll close this bug now, but reopen if you think there is still way to go. https://w3c.github.io/webauthn/#relying-party-identifier
Jul 30
LGTM now, thanks!!
Jul 30
Glad to hear that!
Comment 1 by dtapu...@chromium.org, Jun 20 2018