[mijoharas]

This is what I think. I saw someone else on HN suggested provide an `X-User-Age` header to these sites, and provide parents with a password protected page to set that in the browser/OS.

Responsibility should be on the website to not provide the content if the header is sent with an inappropriate age, and for the parent to set it up on the device, or to not provide a child a device without child-safe restrictions.

It seems very obviously simple to me, and I don't see why any of these other systems have gained steam everywhere all of a sudden (apart from a desire to enhance tracking).

[qup]

Seems simple until you try to figure out what's allowed for what age, which surely will differ by country at a minimum.

[mijoharas]

To me that's a geo-ip lookup on the online service, which they kinda need to do anyways so seems fine?

(if there are further restrictions then it gets messy, but I feel like that's the current state of things anyways? at least for online services which I'm mostly speaking about here.)

Mostly my point is I don't think attestation is required. I think that responsibility should fall upon parents, and I don't want to have to give my ID to any online sites, because I don't remotely trust them to keep that safe. I'm less worried about them storing a number I send them about how old I am.

[qup]

There's ~195 countries with 195 sets of laws.

And 50 US states.

[mijoharas]

Yeah, and frankly if you have a porn site (for example) you already need to deal with the different country restrictions.

Having no restrictions would be great, but since a bunch of countries are passing these laws I'd appreciate having a minimally invasive version instead.