@dalias my personal view is that most of fedi is rejecting a boogeyman created by lunduke

the california law is clearly intended for consumer OS with cloud services and app stores.

but importantly it has quite a few features that seem desirable

- the assured age bucket is configurable by the device owner
- it is not verified with third party services like persona
- app developers have to accept it as a valid age verification unless they have direct knowledge that the age verification is invalid (!)

the latter seems actually to be good, as there is less personal data processing happening. it makes it illegal for app developers to demand ID, they have to accept the attested signal.

I don't even know what shape, if any, compliance for a distro would look like, but most likely that information wouldnt be stored in /etc/passwd anyway.

most likely we would just have a daemon that generates attestations based on a configured age bracket. no libc changes needed 😵‍💫

@ariadne What about users who don't want that data stored on their computer to begin with, where it might leak due to vulnerabilities or badly-behaved applications?

And what apps would this even be serving? We're not like appstore platforms with sketchy apps that phone home to some service provider and want to report information abou the user. There's no possible thing any real native application that would be packaged could use this for.

But worst of all, complying is expressing a willingness to go along with ridiculous demands of a malicious government.