|
|
|
|
|
|
by feurio
5 days ago
|
|
|
If a site creates some opaque token representing the request, and the token is signed by the ID service with no other information disclosure that "The user that presented this is of the appropriate age" that would seem like a reasonable compromise. Token could be signed out-of-band to obscure the interaction between the parties. |
|
|