| ▲ | michael1999 4 hours ago | |
Info-minimized oidc handshakes with certified identity providers could verify age-category of a user with no other information shared. Consider "log in with apple" as it is today. Depending on what you share, a relying website might not even get your name or email. | ||
| ▲ | bbminner 4 hours ago | parent | next [-] | |
Yes, that was my thought as well when i was visiting UK and reddit kept asking me to verify my age. It might be even more private and non-trackable than that - if "age.id.gov" central authority effectively "provides a new random user id" (implementation may vary and does not need to have a "literal username") every time you try to use it / log into a website that needs to verify your age - this way websites can not even track you across platforms. It seems like all the tech stack is there to implement a very simple and privacy-persevering solution. It does not even smell of state censorship because a website does not have to check your age if it decides to be "non compliant". Why isn't it implemented like that? Based on the comments it seems more like a "free-for-all implement-your-own-PPI-handling-thon". This will ofc make life harder for a some groups of people - like people without / limited access to IDs etc. And i do not even argue that the whole thing is necessary. But there seem to be vastly superior technical means to implement that, aren't there? | ||
| ▲ | inigyou 4 hours ago | parent | prev [-] | |
The only way to know that is to trust Apple. | ||