Man page - sq-pki-link-retract(1)

Packages contains this manual

Package:  sq
apt-get install sq

Manuals in package:
• sq-network-keyserver(1)
• sq-key-expire(1)
• sq-pki-link(1)
• sq-pki-link-authorize(1)
• sq-network-dane-generate(1)
• sq-config-inspect-network(1)
• sq-network-dane-search(1)
• sq-pki-vouch-list(1)
• sq-keyring-list(1)
• sq-pki-vouch(1)
• sq-packet-join(1)
• sq-key-subkey-bind(1)
• sq-key-userid-revoke(1)
• sq-packet-split(1)
• sq-config-inspect(1)
• sq-network-search(1)
• sq-pki-path(1)
• sq-keyring-split(1)
• sq-key-subkey-export(1)
• sq-sign(1)
• sq-network-wkd-publish(1)
• sq-key-delete(1)
• sq-packet-decrypt(1)
• sq-key-subkey-password(1)
• sq-cert-list(1)
• sq-key-userid(1)
• sq-network-wkd-search(1)
• sq-pki-link-retract(1)
• sq-keyring-merge(1)
• sq-key-subkey(1)
• sq-pki(1)
• sq-cert(1)
• sq-key-list(1)
• sq-pki-vouch-replay(1)
• sq-pki-authenticate(1)
• sq-pki-link-add(1)
• sq-key-password(1)
• sq-network-keyserver-publish(1)
• sq-config-get(1)
• sq-key-subkey-delete(1)
• sq-config-inspect-paths(1)
• sq-packet-dump(1)
• sq-key-rotate(1)
• sq-key-approvals-list(1)
• sq-download(1)
• sq-key-export(1)
• sq-keyring(1)
• sq-version(1)
• sq-key-userid-add(1)
• sq-pki-vouch-add(1)
• sq-packet-dearmor(1)
• sq-packet(1)
• sq-cert-import(1)
• sq-key-subkey-revoke(1)
• sq-key-approvals-update(1)
• sq-network-keyserver-search(1)
• sq-inspect(1)
• sq-pki-identify(1)
• sq-keyring-filter(1)
• sq-network(1)
• sq-pki-lookup(1)
• sq-pki-link-list(1)
• sq-cert-lint(1)
• sq-key-approvals(1)
• sq-cert-export(1)
• sq-network-wkd(1)
• sq-verify(1)
• sq-key-revoke(1)
• sq-config-inspect-policy(1)
• sq-decrypt(1)
• sq-network-dane(1)
• sq-key-generate(1)
• sq-key-import(1)
• sq(1)
• sq-config(1)
• sq-config-template(1)
• sq-pki-vouch-authorize(1)
• sq-key(1)
• sq-encrypt(1)
• sq-key-subkey-expire(1)
• sq-key-subkey-add(1)
• sq-packet-armor(1)
Documentations in package:
• sq

Manual

SQ

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
Subcommand options
Global options
EXAMPLES
SEE ALSO
VERSION

---

NAME

sq-pki-link-retract - Retract links

SYNOPSIS

sq pki link retract [ OPTIONS ]

DESCRIPTION

Retract links.

This command retracts links that were previously created using ‘sq pki link add‘ or ‘sq pki link authorize‘. See that subcommand’s documentation for more details. Note: this is called ‘retract‘ and not ‘remove‘, because the certifications are not removed. Instead a new certification is added, which says that the binding has not been authenticated.

‘sq pki link retract‘ respects the reference time set by the top-level ‘--time‘ argument. This causes a link to be retracted as of a particular time instead of the current time.

OPTIONS

Subcommand options

--all

Use all self-signed user IDs

--cert = FINGERPRINT|KEYID

Use certificates with the specified fingerprint or key ID

--cert-special = SPECIAL

Use certificates identified by the special name

[possible values: public-directories , keys.openpgp.org , keys.mailvelope.com , proton.me , wkd , dane , autocrypt , web ]

--email = EMAIL

Use a user ID with the specified email address

The user ID consists of just the email address. The email address does not have to appear in a self-signed user ID.

--recreate

Recreate signature even if the parameters did not change

If the link parameters did not change, and thus creating a signature should not be necessary, we omit the operation. This flag can be given to force the signature to be re-created anyway.

--signature-notation NAME VALUE

Add a notation to the signature

A user-defined notation’s name must be of the form ‘name@a.domain.you.control.org‘. If the notation’s name starts with a ‘!‘, then the notation is marked as being critical. If a consumer of a signature doesn’t understand a critical notation, then it will ignore the signature. The notation is marked as being human readable.

--userid = USERID

Use the specified user ID

The specified user ID does not need to be self signed.

Because using a user ID that is not self-signed is often a mistake, you need to use this option to explicitly opt in.

--userid-by-email = EMAIL

Use the self-signed user ID with the specified email address

Global options

See sq (1) for a description of the global options.

EXAMPLES

Link the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 with the email address alice@example.org.

sq pki link add \

--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--add-email=alice@example.org

Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 and the email address alice@example.org.

sq pki link retract \

--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--email=alice@example.org

Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 and any associated user IDs. This effectively invalidates all links.

sq pki link retract \

--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 --all

SEE ALSO

sq (1), sq-pki (1), sq-pki-link (1).

For the full documentation see <https://book.sequoia-pgp.org/>.

VERSION

1.3.1

---