NAME

sigsum-token-verify - verify rate-limit token

SYNOPSIS

sigsum-token verify [-q] [-d domain-name] [--help] [-k key-file] [-l key-file] <token

DESCRIPTION

Verify a submit token. The input on stdin is either a raw hex token or an HTTP header. For a raw token, one of --key or --domain is required. For an HTTP header, --key and --domain are optional, but validation fails if they are inconsistent with what's looked up from the HTTP header. The -q (quiet) option suppresses output on validation errors, with result only reflected in the exit code.

OPTIONS

-d, --domain=domain-name

Domain name where the rate-limit key is available as a TXT record; without any "_sigsum_v1." prefix

--help

Display help

-k, --key=key-file

Rate-limit public-key in OpenSSH format

-l, --log-key=key-file

Log public-key in OpenSSH format (required)

-q, --quiet

Quiet mode

RETURN CODES

A non-zero return code is used to indicate failure.

CONTACT

Send an email to the sigsum-general mailing list at sigsum-general@lists.sigsum.org. You can also reach out in room #sigsum at OFTC.net and matrix.org.

REPORTING BUGS

Use the issue tracker located at https://git.glasklar.is/sigsum/core/sigsum-go/-/issues. To file issues without a GitLab account, send an email to sigsum-core-sigsum-go-issues@incoming.glasklar.is and wait for a maintainer to make the issue public.

SEE ALSO

sigsum-key(1) sigsum-monitor(1) sigsum-submit(1) sigsum-token-create(1) sigsum-token-record(1) sigsum-token-verify(1) sigsum-tools(5) sigsum-verify(1)