[hellojesus]

> The whole point is that they CAN identify you (to verify your age), but in... well a privacy-preserving manner :-).

But how can this be done so that the site and I'd verifier can't collude on a backchannel to unmask you?

> In a non-functional democracy, I guess don't complain if someone burns your car "to counter the state" some day if you think like this.

I don't advocate for destroying private property. Sharing tokens doesn't destroy property or ip/copyright.

[palata]

> But how can this be done so that the site and I'd verifier can't collude on a backchannel to unmask you?

Now we're talking :-). Look at Privacy Pass, it's interesting!

If you like RFCs, it's here: https://www.rfc-editor.org/rfc/rfc9576.html

Kagi has a nice explanation here: https://help.kagi.com/kagi/privacy/how-does-privacy-pass-wor...

[hellojesus]

Thanks. I appreciate the link. One thing I wasn't able to fully understand from the Kagi article: how does this solve the problem of "token handoff"? For example, if User A generates a token (from an unlimited search acct) and hands it to User B, whom has no association with Kagi, how does Kagi block User B's access? Or do they just assume it's fine because the token count is capped at a low enough value as to make it unprofitable for me, as a user, to purchase an unlimited search plan and then resell my plan at a lower price (making a profit on volume) by handing out my precomputed tokens to my resold subscribers to use?

[palata]

It doesn't solve it.

I don't think that there is a need for a technical solution to that, though. In the Kagi example, probably they trust that their users won't do that, and someone could already resell searches this way (e.g. write some kind of proxy). Similarly, an adult can already help a kid get access to stuff they shouldn't. But the point is to make it harder for kids to do it on their own, for their own sake.

It's not computer security, where your system is "as weak as the weakest part". We don't care if a few kids access social media: the goal would be to make it such that the norm, for kids, is to not have social media.

[hellojesus]

Thank you. This helps my understanding, and I would find this solution the proper one if we determine that this road must be walked.

But I still have reservations that this would be the "foot in the door", because people like me will generate and publish tokens publicly, and then lobbyists will use this as the reason why we can't allow the use of private keys unless the website receiving them can certify they belong to the user presenting them, thus forcing a rework of the implementation.

[palata]

I think there is a sane debate to have around whether or not we want privacy-preserving age verification, indeed. And how much of a "foot in the door" it is (is it building more surveillance technology, or is it actually building privacy-preserving technology that will counter it?).

My concern is that "society" may want to control social media for kids, and if we say "either you don't do it or you leak the IDs", it may end up on "ok then let's leak the IDs" without even considering the better way.

I am just very frustrated because right now, even in a place like here where it's supposed to be around tech-savvy people, the discussion feels like kids repeating what they heard: "it's like ChatControl, it's fundamentally stupid and impossible".

[hellojesus]

Makes sense and apologies if I came off that way. I just skip to the logical conclusion, which is that there is no way this is going to happen without a race to the bottom, ending by forcing privacy violations. But maybe I'm wrong. I'll be a bit more cautious with my posts.