Man page - sq-key-approvals-update(1)
Packages contas this manual
- sq-key-expire(1)
- sq-version(1)
- sq-network-dane(1)
- sq-encrypt(1)
- sq-packet-decrypt(1)
- sq-network-search(1)
- sq-packet-join(1)
- sq-pki-authenticate(1)
- sq-key-userid-revoke(1)
- sq-key-list(1)
- sq-key-subkey-expire(1)
- sq-config(1)
- sq-keyring-merge(1)
- sq-network-wkd-search(1)
- sq-verify(1)
- sq-key-subkey(1)
- sq-inspect(1)
- sq-pki-vouch(1)
- sq-pki-link-list(1)
- sq-key-password(1)
- sq-key-subkey-bind(1)
- sq-key-subkey-delete(1)
- sq-packet-split(1)
- sq-key-subkey-export(1)
- sq-pki-link-retract(1)
- sq-config-inspect-network(1)
- sq-pki-lookup(1)
- sq-key-subkey-add(1)
- sq-decrypt(1)
- sq-pki-link-add(1)
- sq-key-approvals-update(1)
- sq-network-keyserver(1)
- sq-cert(1)
- sq-pki-vouch-authorize(1)
- sq-packet-dearmor(1)
- sq-pki-identify(1)
- sq-pki-vouch-add(1)
- sq-cert-import(1)
- sq-network-wkd(1)
- sq-key-subkey-password(1)
- sq-network-dane-search(1)
- sq-network-keyserver-search(1)
- sq-config-inspect-paths(1)
- sq-keyring-filter(1)
- sq-pki-vouch-list(1)
- sq-config-get(1)
- sq-network-wkd-publish(1)
- sq-network-dane-generate(1)
- sq-packet(1)
- sq-cert-export(1)
- sq-keyring-split(1)
- sq-config-inspect(1)
- sq-pki-link(1)
- sq-pki(1)
- sq-network-keyserver-publish(1)
- sq-key-approvals-list(1)
- sq-key-userid(1)
- sq-key-delete(1)
- sq-key-revoke(1)
- sq-key-approvals(1)
- sq-packet-armor(1)
- sq-key-generate(1)
- sq-key-export(1)
- sq-key(1)
- sq-pki-path(1)
- sq-network(1)
- sq(1)
- sq-download(1)
- sq-config-inspect-policy(1)
- sq-pki-vouch-replay(1)
- sq-cert-list(1)
- sq-packet-dump(1)
- sq-key-import(1)
- sq-config-template(1)
- sq-key-userid-add(1)
- sq-pki-link-authorize(1)
- sq-key-subkey-revoke(1)
- sq-sign(1)
- sq-cert-lint(1)
- sq-key-rotate(1)
- sq-keyring-list(1)
- sq-keyring(1)
apt-get install sq
Manual
| SQ(1) | User Commands | SQ(1) |
NAME
sq-key-approvals-update - Approves of third-party certifications allowing for their distribution
SYNOPSIS
sq key approvals update [OPTIONS]
DESCRIPTION
Approves of third-party certifications allowing for their distribution.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
By default, all user IDs are considered, but if at least one `--name`, `--email`, or `--userid` argument is given, only the matching user IDs are considered.
After the approvals have been changed, the certificate has to be distributed, e.g. by uploading it to a key server.
OPTIONS
Subcommand options
- --add-all
- Approve of all pending certifications
- --add-authenticated
- Approve of all certifications by authenticated certifiers
- For all pending approvals, try to authenticate any user ID on the certifier, and if any can be authenticated, approve of the certification.
- --add-by=FINGERPRINT|KEYID
- Approve of all certifications by this certifier
- --cert=FINGERPRINT|KEYID
- List the approvals on the certificate with the specified fingerprint or key ID
- --cert-email=EMAIL
- List the approvals on the certificate where a user ID includes the specified email address
- --cert-file=PATH
- List the approvals on the certificate read from PATH
- --cert-userid=USERID
- List the approvals on the certificate with the specified user ID
- --email=EMAIL
- Use the self-signed user ID with the specified email address
- --output=FILE
- Write to the specified FILE
- If not specified, and the certificate was read from the certificate store, imports the modified certificate into the cert store. If not specified, and the certificate was read from a file, writes the modified certificate to stdout.
- --remove-all
- Remove all prior approvals
- By default, this command adds to the set of already approved certifications. If this flag is given, the existing approvals are disregarded, and only the newly selected certifications are approved, if any.
- --remove-by=FINGERPRINT|KEYID
- Remove all prior approvals of certifications by this certifier
- --userid=USERID
- Use the specified self-signed user ID
- The specified user ID must be self signed.
Global options
See sq(1) for a description of the global options.
EXAMPLES
Approve of all of the certifications on all of Alice's user IDs.
sq key approvals update --add-all \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding all prior approvals first.
sq key approvals update --remove-all \
--add-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on a specific user ID by certifiers that can be authenticated, discarding all prior approvals first.
sq key approvals update --remove-all --add-authenticated \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--userid="Alice <alice@example.org>"
Remove the approval of Bob's certification on all of Alice's user IDs.
sq key approvals update \
--remove-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
SEE ALSO
sq(1), sq-key(1), sq-key-approvals(1).
For the full documentation see <https://book.sequoia-pgp.org/>.
VERSION
1.3.1
| 1.3.1 | Sequoia PGP |