alt Hacker NewsThree things:
1. This assumes that websites are under your jurisdiction and can be fined. This is not a valid assumption on the internet. If you want to do this, you need a framework to block noncompliant websites via ISP-side null-routing, putting pressure on payment processors and hosting companies which do operate in your country etc.
2. HTML tags and not HTTP headers. If just a small part of the site contains content which shouldn't be displayed, the web browser should just hide that part.
3. Sometimes, it is genuinely useful to know the user's restrictions ahead of time. Imagine you're a movie streaming site or game store. You have some content which is suitable for the user, no matter their age, but you need to know which bracket they're in to decide what to show them. Without that info, you either default-adult (which sucks for children) or default-child (which sucks for adults).
Replies
No, I don't think any of that follows from that. The header can be set in the initial communication attempt. It is even more specific than any other mechanism to verify your age, because this header can be set appropriately for any web resource.
The problem of hosts in countries that don't give a shit is true for every solution aside from the great all blocking firewall no developed nation would want to have. So no to "ISP null routing" from me. ISPs provide infrastructure. They are not school teachers.
Such a solution implemented today would be tunnelled yesterday and everyone should support evasion attempts.
Countries that do not follow it could in theory be BGP filtered or sanctioned. I doubt that would happen. Probably more like the country would be added to parental controls in the browsers and parents could de-select a checkbox that is checked by default saying to block that country. If that were a thing I think some people would be enabling parental controls on themselves just to filter out some shenanigans.