We'd like to be able to restrict login to a service to any valid google account, for example @coreos.com.