by hydrogen7800 11 days ago
Why isn't there a simple solution in the software world that's functionally equivalent to flashing your ID at the liquor store? They get the verification they need with no permanent record of your PII.

This can't be that hard. Can't I get an electronic certificate/flag verified by a trusted third party using my ID, where this cert retains no PII? This is what I come up with after not thinking very hard about the problem, and I can't be alone.

Maybe it's naive to think that harvesting PII isn't the point.

2 comments

In theory, sure, an identity verifier could issue you a bunch of single-use JWTs signed by them that contain `{"over18":"true", "nonce": 12748583..., "iss": "<issuerurl>"}`, signed by their key. A relying party just needs to know the public keys of all the issuers they trust, and can consume this JWT, verify it, and never learn anything about your IRL identity.

The important things are that they must issue a bunch at once (otherwise, correlating who you are becomes easy). They must keep no record tying the nonce or the full JWT to an individual identity. Something user-local or otherwise trustworthy (not keeping logs) needs to hold on to these and send them out as needed, being very, very careful never to reuse one (as that would enable cross-site tracking). Lastly, a relying party must be required to trust many issuers, not just those they are colluding with to track users across sites with this.

The European Commission actually proposed pretty much exactly this system, also with a variation where instead of revealing the signed token, a zk-SNARK proof (that you possess a validly signed token with the over18 attribute from a specific issuer) could be given to the relying party instead (to make it impossible for issuer and relying party to collude to release your identity). Many people here seemed to not like it.

California just mandated a simple solution in this style.
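
The relying-party side of the single-use token scheme described in the comments above, as an added example that is not part of the original thread. The issuer URL, key pair and function names are constructed for the demo; Ed25519 signatures and a random hex nonce are assumptions.

```javascript
const crypto = require('crypto');
const b64u = (x) => Buffer.from(x).toString('base64url');

// Issuer side (constructed for the demo): claims carry no subject and no PII.
function issueToken(issuerUrl, privateKey) {
  const header = b64u(JSON.stringify({ alg: 'EdDSA', typ: 'JWT' }));
  const nonce = crypto.randomBytes(16).toString('hex'); // assumption: random hex nonce
  const payload = b64u(JSON.stringify({ over18: 'true', nonce, iss: issuerUrl }));
  const sig = crypto.sign(null, Buffer.from(`${header}.${payload}`), privateKey);
  return `${header}.${payload}.${b64u(sig)}`;
}

// Relying party: holds only trusted issuers' public keys and the set of spent nonces.
function makeVerifier(trustedIssuers) {
  const spent = new Set();
  return function verify(token) {
    const parts = String(token).split('.');
    if (parts.length !== 3) return 'malformed';
    let header, claims;
    try {
      header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
      claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
    } catch { return 'malformed'; }
    if (!header || !claims) return 'malformed';
    if (header.alg !== 'EdDSA') return 'bad-alg'; // pin the algorithm, do not follow the header
    const key = trustedIssuers.get(claims.iss);
    if (!key) return 'untrusted-issuer';
    const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
    if (!crypto.verify(null, signed, key, Buffer.from(parts[2], 'base64url'))) return 'bad-signature';
    if (claims.over18 !== 'true') return 'not-over18';
    const id = `${claims.iss}|${claims.nonce}`;
    if (spent.has(id)) return 'replayed'; // single use: a second presentation is refused
    spent.add(id);
    return 'ok';
  };
}

// Demo with a constructed issuer and key pair.
const demoIssuer = 'https://issuer.example';
const demoKeys = crypto.generateKeyPairSync('ed25519');
const demoVerify = makeVerifier(new Map([[demoIssuer, demoKeys.publicKey]]));
const demoToken = issueToken(demoIssuer, demoKeys.privateKey);
console.log(demoVerify(demoToken), demoVerify(demoToken));
```

The spent-nonce set here lives in memory; a relying party running more than one server would need to share it for the replay check to hold.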