[eru]

> If you are in this articles audience you would simply state the producer of the ID card signs a statement that the person is over 18. No ZKP needed.

> The article like many others would be improved with a better example.

It's easy to make this example better:

Assume there are 50 different providers of ID cards, and Alice wants to convince Bob that she's over 18 years old.

Bob trusts all 50 issuers, but Alice doesn't want to reveal who her issuer is.

So here Alice could indeed get the supplier of her ID card to sign such a statement (and perhaps already have one prepared). For ZKP, you can also assume that the ID card issuers are not co-operating (nor do they care about each other), and that different Bobs might trust different sets of providers, and that the sets of trusted providers might change over time.

[BHSPitMonkey]

> Bob trusts all 50 issuers, but Alice doesn't want to reveal who her issuer is.

So, just a form of certificate chaining? With the same old challenges that come up if Bob learns that one of the issuers was compromised for some period of time?

[eru]

Sorry, what is certificate chaining in this context?

ZKP allows you to run arbitrary logic, without the id providers having to anticipate what you are trying to do nor having to cooperate. Eg you could prove that 'either your age is a prime number or that you have green eyes and live in New York'.

[nailer]

> Sorry, what is certificate chaining in this context?

crypto people need to learn crypto.

[eru]

Let me be more blunt: I don't think certificate chaining is a useful concept in this context, but I wanted to be more polite about my objection and give you a chance to explain your idea. Better?