The current implementation of Service Binding Operator supports binding service residing in a different namespace but Service Binding Operator doesn't have a solid security model to support this feature.

Are dependencies identified?

1. Cross-namespace security model should be defined.
   1. How to handle privilege escalation?
   2. How to handle secret enumeration? etc

Are blockers noted?

1. Service Binding Spec is building a user guide that gives a overview of the capabilities provided by the spec including the cross-namespace services. As of today, this is still a work in progress. This will provide a deterministic way to declare target namespaces in which the service resides.

What is the  expected delivery timeline?

GA

Is design implementable?

No design implementation strategy decided yet.

What is the acceptance criteria?

1. There is an acceptance criteria for cross-namespace support.
2. [TO DO] Create acceptance criteria for cross-namespace security scenarios.

Is the story (roughly) estimated?

13