[fc417fc802]

I have yet to see a scheme that would robustly preserve privacy and freedom floated by any of the major efforts. I think the onus is on you to present a workable scheme, but even then I'm not going to support the major efforts which at present are malicious.

[palata]

I keep mentioning it. Read about Privacy Pass, there is a goddamn RFC for it.

[account42]

Having Privacy in the name doesn't mean it's actually privacy preserving. You can't just ignore attack vectors like collusion between signing entities and websites.

[palata]

Did you read about how it works? Can you precisely describe an attack that defeats it, or are you just throwing names you've heard without actually knowing how Privacy Pass works? Sounds like the latter to me (yes, I read the RFC).

[fc417fc802]

Your tone isn't appropriate. You don't get to assign reading. If you want to convince people of something then clearly state your case. In this instance that would mean outlining the technical argument.

That said, you've got blinders on. You're all over this comment section condescending to people about a particularly clever scheme without considering the various real world objections being raised. Not the least of which is that the vast majority of the tidalwave of legislation on the topic has zero to do with ZKPs.

[palata]

> Not the least of which is that the vast majority of the tidalwave of legislation on the topic has zero to do with ZKPs.

That's not what I see. I mostly see people complaining about the fact that "if they verify my age, it fundamentally means that I have to give them my ID, and I don't want that". And whenever I mention that technically, there are ways to do age verification in a privacy-preserving manner, I get something like "you are so naive, nobody wants age verification, it's THEM (the all corrupt politicians who all have the exact same opinion) against US THE PEOPLE who need to fight for our freedom!

That is very frustrating to me, because

1. I believe that it is counter-productive to be technically wrong by saying "it is fundamentally not possible". Because if politicians genuinely listen to that, then ask a few cryptographers and get the answer "no actually it exists", then it seems only fair that those politicians will just dismiss the whole opposition by saying "oh right, they are just libertarians who don't want regulations and hide behind incorrect technical claims".

2. I believe that many, many people actually are in favour of age verification to protect their kids. And again, yelling at them saying "you understand nothing, this is not technically possible, and the politicians are all corrupt authoritarians anyway" is not constructive. Moreover, "normal" people don't give a shit about the privacy issues, so if they want age verification, they will just accept any technical solution. I would hope for technically savvy people to try to raise the privacy concerns and explain that if there MUST be age verification, AT LEAST it should be done in a privacy-preserving manner.

But yeah, let's keep yelling that it is fundamentally impossible, such that nobody even hears about the privacy-preserving solutions, until we have to either give our ID to random websites or stop using the Internet. Because what seems clear to me is that we are going towards age verification anyway, and there is zero constructive discussion about how to do that right.

[JoshTriplett]

> Because what seems clear to me is that we are going towards age verification anyway

This is one of the reasons you're getting a lot of arguments here. Every bit of energy spent saying "actually, check out this use of cryptography that lets you do this in a privacy-preserving way" is energy not spend saying "no, not under any circumstances" and fighting against it.