table of contents
| SQ(1) | User Commands | SQ(1) |
NAME¶
sq key approvals - Manages certification approvals
SYNOPSIS¶
sq key approvals list [OPTIONS]
sq key approvals update [OPTIONS]
DESCRIPTION¶
Manages certification approvals.
Key holders may approve of third-party certifications associated with their certificate. This subcommand manages the approvals.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
SUBCOMMANDS¶
sq key approvals list¶
Lists third-party certifications and their approval status.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
sq key approvals update¶
Approves of third-party certifications allowing for their distribution.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
By default, all user IDs are considered, but if at least one `--name`, `--email`, or `--userid` argument is given, only the matching user IDs are considered.
After the approvals have been changed, the certificate has to be distributed, e.g. by uploading it to a key server.
EXAMPLES¶
sq key approvals list¶
Lists the approved certifications on all the user IDs.
sq key approvals list \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Lists the unapproved certifications on all the user IDs.
sq key approvals list --pending \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Lists all unapproved certifications on a given user ID.
sq key approvals list --pending --email=alice@example.org \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
sq key approvals update¶
Approve of all of the certifications on all of Alice's user IDs.
sq key approvals update --add-all \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding all prior approvals first.
sq key approvals update --remove-all \
--add-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on a specific user ID by certifiers that can be authenticated, discarding all prior approvals first.
sq key approvals update --remove-all --add-authenticated \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
"--userid=Alice <alice@example.org>"
Remove the approval of Bob's certification on all of Alice's user IDs.
sq key approvals update \
--remove-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
SEE ALSO¶
sq(1), sq-key(1), sq-key-approvals-list(1), sq-key-approvals-update(1).
For the full documentation see <https://book.sequoia-pgp.org>.
VERSION¶
0.40.0 (sequoia-openpgp 1.21.2)
| 0.40.0 | Sequoia PGP |