(Controlling Web page accesses is a much tougher problem, of course. so I wouldn't expect much action on this at first.)

By the way, I recently discovered a new twist on "age credentials": the use of credit cards to prove age. One image site is asking for a "valid credit card number" to be given...not to use for charges, but just to do a quick verification (they claim a few minutes or less) that the card is valid and in the name of the person accessing their site. Timothy C. May | Crypto Anarchy: encryption, digital money,

Actually, I've been thinking about this quite a bit recently. I'm building an SSL enabled server, and clent-side authentication may provide some help. I could see a user getting his or her public key certificate signed with different CA keys which assert any number of conditions, such as: Key holder was born before (some particular date). Key holder has access to sales data for XYZ corp. Key holder is an adult who takes the first amendment seriously. ... and the server would recognize different CA signatures as permitting different levels of access. If your browser permitted you to select the key certificate used in setting up the encrypted link (and different certs or sets of certs could be protected with different passphrases), then Mom or Dad could use their I-am-an-adult credential to read www.xxx.com, while Junior could not. There *is* a loss of anonymity in this scheme, however. I realize that digital credentials are old hat on this list. The point I am making is that the pieces for doing this are here - we just need to assemble them. (This is not to suggest that I am in favor of Exon/Coates in any way - I am not. ) Speaking for myself alone.... Peter Trei Senior Software Engineer Purveyor Development Team Process Software Corporation http://www.process.com trei@process.com