Here's the thing that annoys me - Apple *already* has this technology for all Mac computers built after 2011.
There's no way to override the firmware password on newer Macs - you used to be able to do all sorts of tricks like removing a memory module, or manually accessing the NVRAM parameters. Now owners need to press the "secret keypress" (or bring to an Apple authorized retailer), read an encrypted keycode off of the monitor (probably based on the current password and the hardware ID of that particular system), go into the Apple store and prove you're the owner, and Apple Employees contact Apple HQ to generate an unlock USB key for you.
It would be exceedingly simple for them to implement the same thing in phones. Phone locked? Need to bring to an Apple store to prove ownership before unlocking (probably also wipe the filesystem encryption key, so the phone's contents are not revealed). Make it check the lock status in firmware as part of the bootloader so even a manual DFU needs to unlock first to prevent smarter thieves from just re-flashing the phone (come to think of it, with the new firmware security and signed blobs, this should already be possible - if a phone is reported stolen, simply refuse to sign a firmware-blob for reflash).
A "half-way" position would be to allow the phone to unlock if you connect it to a computer you've synced with.
To encourage people to use the lock (who typically don't like unlocking every 15 min or whatever), have a minimum requirement to enter the password once whenever the phone starts, so while someone may still steal your phone, if it's ever turned-off, battery runs out, or is reset, it requires the unlock code be entered.