alt Hacker NewsHow does this work for mixed-content sites? Like say a minor visits a video sharing or social media site and the default feed/recommendations list includes stuff that should be age-restricted, but is mostly stuff that shouldn't be.
The entire site shouldn't be blocked; the browser needs a way to tell the website "my parental controls are enabled and I need to you to filter out age-restricted content".
Alternatively, the RTA header/meta could include a parameter/attribute for an "alternate URL" to load when parental controls are enabled. This could be useful to allow sites to present a custom error-type response, but could also be used to automatically redirect the user to similar, but age-appropriate, content.
Anyway, this all ignores the fact that "protect the children" isn't really the goal here: it's to slowly eat away at our ability to be anonymous (even read-only anonymous) on the internet. Age verification is just a watered-down way of saying they require positive identification, and eventually our hardware will have to cryptographically attest we are who we say we are. I really hope this isn't inevitable, but it's starting to feel that way.
Once you have a content label header it's pretty easy to build more complicated systems on top of that. Like the site could send "compliant with x regulation" in the content labeling header, and then that would tell the kid's browser it doesn't have to completely block the page but can instead reload the page with a request header saying "filter out a, b, and c content" and expect that to be complied with.
That could be a fingerprinting vector though so maybe depending on privacy settings it just blocks the page. Really these are all solvable problems that web standards orgs have dealt with before; you just need to create the incentive for such systems to exist.