It's also not a government web site. It's a private company who, for some reason, my own government outsources identity verification to. Meanwhile, the authorization system the US government has built (login.gov) is deemed "insecure" by the IRS and Social Security for some inexplicable reason. (But it's fine for Trusted Traveler Programs.)

Social Security has implemented Login.gov integration. IRS returned detailed feedback that GSA is working on.

This is good news. Thanks for sharing.

> It's a private company who, for some reason, my own government outsources identity verification to

Welcome to the neoliberal wet dream.

It's not a government website.

It's the company providing the service that the government could provide on its own, but that service is being provided by a private company through a lucrative contract agreement.

Because it's not a government website, it's a company the government contracts with.

Yes. I know how this works. This doesn't change that's it's stupid. You can't outsource stupid and then claim it's not your problem.

Yes, welcome to the rest of the world.

You're aware that there's a registry per country, no? And that that each country can choose to set aside a subdomain for all government services?

Yes, it's unfair that the US gets naked .gov - but that doesn't preclude the rest of the world from doing the right thing, and it certainly doesn't excuse the US government doing the stupid thing.

The US government can still basically yoink any ccTLD very very easily. It won't, but it could.