Comment by cloudfudge
25 days ago
mTLS is no good because the target service could then uniquely identify you. I think you explicitly want a three-party scheme where the target service just accepts the idp's assertion about your age in a cryptographically secure way.
I feel like mTLS could still work in third-party signing.