| SQ(1) | User Commands | SQ(1) |
NAME¶
sq pki link retract - Retract links
SYNOPSIS¶
sq pki link retract [OPTIONS]
DESCRIPTION¶
Retract links.
This command retracts links that were previously created using `sq pki link add` or `sq pki link authorize`. See that subcommand's documentation for more details. Note: this is called `retract` and not `remove`, because the certifications are not removed. Instead a new certification is added, which says that the binding has not been authenticated.
`sq pki link retract` respects the reference time set by the top-level `--time` argument. This causes a link to be retracted as of a particular time instead of the current time.
OPTIONS¶
Subcommand options¶
- --cert=FINGERPRINT|KEYID
- Use certificates with the specified fingerprint or key ID
- --email=EMAIL
- Use a user ID with the specified email address.
- This first searches for a matching self-signed user ID. If there is no self-signed user ID with the specified email, it uses a new user ID with the specified email address, and no display name.
- --recreate
- Recreate signature even if the parameters did not change
- If the link parameters did not change, and thus creating a signature should not be necessary, we omit the operation. This flag can be given to force the signature to be re-created anyway.
- --signature-notation NAME VALUE
- Add a notation to the certification. A user-defined notation's name must be of the form `name@a.domain.you.control.org`. If the notation's name starts with a !, then the notation is marked as being critical. If a consumer of a signature doesn't understand a critical notation, then it will ignore the signature. The notation is marked as being human readable.
- --userid=USERID
- Use the specified user ID.
- The specified user ID does not need to be self signed.
Global options¶
See sq(1) for a description of the global options.
EXAMPLES¶
Link the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 with the email address alice@example.org.
sq pki link add \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--email=alice@example.org
Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 and the email address alice@example.org.
sq pki link retract \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--email=alice@example.org
Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 and any associated user IDs. This effectively invalidates all links.
sq pki link retract \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
SEE ALSO¶
sq(1), sq-pki(1), sq-pki-link(1).
For the full documentation see <https://book.sequoia-pgp.org>.
VERSION¶
0.40.0 (sequoia-openpgp 1.21.2)
| 0.40.0 | Sequoia PGP |