Epistemic Status: 
Sprouting - This is a zettelkasten-style card about a concept I’m interested in remembering.
RFC 9578 describes the Privacy Pass protocol that “provides a privacy-preserving authorization mechanism”.
In essence, the protocol allows Clients to provide cryptographic tokens that prove nothing other than that they have been created by a given server in the past.
Services can use this to allow anonymous, verifiably secure access to paying customers. Kagi started using it in its search engine.
RFC 9474 and RFC 9497 define protocols used by Privacy Pass for publicly verifiable and privately verifiable variants, respectively.