Putting it in the hands of the government actually fails the trust requirement. Trust is not a binary "this entity is trustworthy", trust is a set of relationships between two entities, and not everyone will trust the US Government, nor will everybody be trusted by the US Government. Even in a perfect world with a perfect US Government, that is the correct answer; not everyone is under US jurisdiction, after all, so we don't even need to get into the political issues. If made mandatory (and the only option), this is a critical failure on the trust front. It can't work, you can't tie your login system to only the US login system, and if you have to have other login systems, US citizens will be able to use those too.