That’s not true. It’s simple if all you actually want is age verification.
You go in to the government building and show your ID. Seeing you are 18 or older you get to go to another room where they don’t check your ID, just give you a token saying the one holding it is over 18. Make the token like a FIDO key where you have a pin you set yourself.
There is an air gap between the validation and the token creation so there is no way to go from token to ID. You make the key use a pin so we consider it to be once usable by one person.
The issue is not about the technology. The issue is that we all know this has nothing to do with kids getting on porn sites.
It can be a shared token. For example a cryptographic hash. There are many solutions for the problem of certifying a token while giving no traceable data.
In most solutions there would be the traceability of knowing “User X went to site Y and site Z” but never knowing who “User X” is. There have been solutions proposed that create site specific hashes where it becomes more difficult if not impossible to track a user across different sites. So it just depends on if this issue needs to be resolved or not.
Personally I would be fine letting every porn site I use know I’ve been to every other porn site. If you wanted to go somewhere that you don’t want them to know, throw out your token and go get a new one.
That’s not true. It’s simple if all you actually want is age verification.
You go in to the government building and show your ID. Seeing you are 18 or older you get to go to another room where they don’t check your ID, just give you a token saying the one holding it is over 18. Make the token like a FIDO key where you have a pin you set yourself.
There is an air gap between the validation and the token creation so there is no way to go from token to ID. You make the key use a pin so we consider it to be once usable by one person.
The issue is not about the technology. The issue is that we all know this has nothing to do with kids getting on porn sites.
Would these tokens be unique per website visit? Are they generated by the user or the government?
It can be a shared token. For example a cryptographic hash. There are many solutions for the problem of certifying a token while giving no traceable data.
In most solutions there would be the traceability of knowing “User X went to site Y and site Z” but never knowing who “User X” is. There have been solutions proposed that create site specific hashes where it becomes more difficult if not impossible to track a user across different sites. So it just depends on if this issue needs to be resolved or not.
Personally I would be fine letting every porn site I use know I’ve been to every other porn site. If you wanted to go somewhere that you don’t want them to know, throw out your token and go get a new one.