Hacker News new | ask | show | jobs
by grayhatter 898 days ago
> Do I miss something?

The point of the article? The idea that I shouldn't have to ask my government for permission to view information/media? The fact that this absolutely will doxx your privacy to the government?

I'm all for, "wont somebody think of the children", but IMO protecting children is a 'solved' problem. When a child runs into the street we blame the parents, we don't install gates down every sidewalk. When a kid is seen riding a bike without a helmet, again, we don't decide that you need to send your government a selfie before the tires unlock.

Sites do have a responsibility to ensure people don't misuse their content. But liquor stores only ask for ID when you try to buy a dangerous substance, they don't make you ask your government for permission.

And that works flawlessly, fake IDs definitely aren't a thing, and I'm sure the same applies to this online ID thing.

Edit: I had 2nd thoughts about this because I don't like to make slippery slope arguments but this one seems worthy of consideration at the very least. Once this exists, all sites dealing with fraud will start to use it. Which Will have a DOS effect on government servers, which means they will try to mitigate it by requiring the requesting site provide a site ID and unique ID for the request. So much for any of the features that people expect might protect some privacy.
1 comments
takinola 898 days ago
> The fact that this absolutely will doxx your privacy to the government?

Done properly this will not reveal your online behavior to the government any more than using your government issued ID card to enter a bar leaks your location to the issuing party.

Now, whether governments should have the right to restrict access to certain types of information and media based on age is a different question

link
grayhatter 898 days ago
> Done properly this will not reveal your online behavior to the government any more than using your government issued ID card to enter a bar leaks your location to the issuing party.

This is incorrect, and a gross misunderstanding of how either network requests on the internet work, or crypto... likely both.

Are you really saying someone looking at an ID card is the same as my computer sending a request containing my ID to a government entity, and waiting for a response?

link
takinola 898 days ago
Here’s an idea for how it could work while preserving your privacy.

1. User verifies their age with a trusted party (which may or may not be a government body)

2. User requests a token from the trusted party. The token is signed so 3rd parties can verify it. The token also includes the public key of the user so 3rd parties can verify whom it is for

3. The user shares this token with the 3rd party site, who is now able to verify the user’s age. Note, the 3rd party site never has to contact the issuer of the token other than to get their public key.

With this model, the token issuer is not able to connect the user to the 3rd party site directly.

We can, of course, think about possible attacks but this is just a basic illustration of the possibilities.

link
dontupvoteme 898 days ago
>Done Property

Why would it ever be?

Either incompetency or Malevolence will make itself manifest.

link