| SQ(1) | User Commands | SQ(1) |
NAME
sq key approvals update - Approves of third-party certifications
SYNOPSIS
sq key approvals update [OPTIONS]
DESCRIPTION
Approves of third-party certifications allowing for their distribution.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
By default, all user IDs are considered, but if at least one `--name`, `--email`, or `--userid` argument is given, only the matching user IDs are considered.
After the approvals have been changed, the certificate has to be distributed, e.g. by uploading it to a key server.
OPTIONS
Subcommand options
- --add-all
- Approve of all pending certifications
- --add-authenticated[=AMOUNT]
- Approve of all certifications by authenticated certifiers.
- For all pending approvals, try to authenticate any user ID on the certifier, and if any can be authenticated to at least the given amount, approve of the certification.
- --add-by=FINGERPRINT|KEYID
- Approve of all certifications by this certifier
- --binary
- Emit binary data
- --cert=CERT
- Change attestations on the specified certificate
- --cert-file=CERT_FILE
- Change attestations on the specified certificate
- --email=EMAILS
- Change approvals on this email address user ID
- --name=NAMES
- Change approvals on this name user ID
- --output=FILE
- Write to the specified FILE.
- If not specified, and the certificate was read from the certificate store, imports the modified certificate into the cert store. If not specified, and the certificate was read from a file, writes the modified certificate to stdout.
- --remove-all
- Remove all prior approvals.
- By default, this command adds to the set of already approved certifications. If this flag is given, the existing approvals are disregarded, and only the newly selected certifications are approved, if any.
- --remove-by=FINGERPRINT|KEYID
- Remove all prior approvals of certifications by this certifier
- --userid=USERIDS
- Change approvals on this user ID
Global options
See sq(1) for a description of the global options.
EXAMPLES
Approve of all of the certifications on all of Alice's user IDs.
sq key approvals update --add-all --cert \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding all prior approvals first.
sq key approvals update --remove-all --add-by \
511257EBBF077B7AEDAE5D093F68CB84CE537C9A --cert \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on a specific user ID by certifiers that can be authenticated, discarding all prior approvals first.
sq key approvals update --remove-all --add-authenticated \
--cert EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--userid "Alice <alice@example.org>"
Remove the approval of Bob's certification on all of Alice's user IDs.
sq key approvals update --remove-by \
511257EBBF077B7AEDAE5D093F68CB84CE537C9A --cert \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0
SEE ALSO
sq(1), sq-key(1), sq-key-approvals(1).
For the full documentation see https://book.sequoia-pgp.org.
VERSION
0.38.0 (sequoia-openpgp 1.21.2)
| 0.38.0 | Sequoia PGP |