Comment on Is it completely impossible to do age verification without compromising privacy?
TechLich@lemmy.world 1 week agoThe big flaw in this strategy is that once you have set up a signed anonymous key from the government and you can make zero knowledge proofs with it, there’s nothing stopping you from distributing that key to every kid who wants it. If it’s in the browser or an app, etc. you can publish that signed key for anyone who wants to be over 18.
PKI only works if the owner of the private key wants it to be private. It’s effective for things like voting or authenticating because the owner of the key doesn’t want anyone else to be able to impersonate them. But if it’s only for age…
At that point, it might as well just be a file that says “I pinky promise that I’m over 18” that the government has signed and given to you.
jabberwock@lemmy.dbzer0.com 1 week ago
Could tie it to something like a biometric. That and storing it on a write-only device would keep it from being shared too wide. The trickiss to tie it to a true multi-factor and not just something you have (if unencrypted) or something you know (if ASCII armored).
coriza@lemmy.world 1 week ago
Then it adds barrier to entry. If it costs money it will be a problem for the more vulnerable population. If it is free and you can have as many as you want it is gonna be abused, if there is a limit it again starts to be a problem.