.TH SQ 1 1.3.1 "Sequoia PGP" "User Commands" .SH NAME sq\-key\-approvals\-update \- Approves of third\-party certifications allowing for their distribution .SH SYNOPSIS .br \fBsq key approvals update\fR [\fIOPTIONS\fR] .SH DESCRIPTION Approves of third\-party certifications allowing for their distribution. .PP To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third\-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third\-party certifications that the key holder has explicitly approved. .PP By default, all user IDs are considered, but if at least one `\-\-name`, `\-\-email`, or `\-\-userid` argument is given, only the matching user IDs are considered. .PP After the approvals have been changed, the certificate has to be distributed, e.g. by uploading it to a key server. .PP .SH OPTIONS .SS "Subcommand options" .TP \fB\-\-add\-all\fR Approve of all pending certifications .TP \fB\-\-add\-authenticated\fR Approve of all certifications by authenticated certifiers .IP For all pending approvals, try to authenticate any user ID on the certifier, and if any can be authenticated, approve of the certification. .TP \fB\-\-add\-by\fR=\fIFINGERPRINT|KEYID\fR Approve of all certifications by this certifier .TP \fB\-\-cert\fR=\fIFINGERPRINT|KEYID\fR List the approvals on the certificate with the specified fingerprint or key ID .TP \fB\-\-cert\-email\fR=\fIEMAIL\fR List the approvals on the certificate where a user ID includes the specified email address .TP \fB\-\-cert\-file\fR=\fIPATH\fR List the approvals on the certificate read from PATH .TP \fB\-\-cert\-userid\fR=\fIUSERID\fR List the approvals on the certificate with the specified user ID .TP \fB\-\-email\fR=\fIEMAIL\fR Use the self\-signed user ID with the specified email address .TP \fB\-\-output\fR=\fIFILE\fR Write to the specified FILE .IP If not specified, and the certificate was read from the certificate store, imports the modified certificate into the cert store. If not specified, and the certificate was read from a file, writes the modified certificate to stdout. .TP \fB\-\-remove\-all\fR Remove all prior approvals .IP By default, this command adds to the set of already approved certifications. If this flag is given, the existing approvals are disregarded, and only the newly selected certifications are approved, if any. .TP \fB\-\-remove\-by\fR=\fIFINGERPRINT|KEYID\fR Remove all prior approvals of certifications by this certifier .TP \fB\-\-userid\fR=\fIUSERID\fR Use the specified self\-signed user ID .IP The specified user ID must be self signed. .SS "Global options" See \fBsq\fR(1) for a description of the global options. .SH EXAMPLES .PP .PP Approve of all of the certifications on all of Alice's user IDs. .PP .nf .RS sq key approvals update \-\-add\-all \\ .RE .RS .RS \-\-cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 .RE .RE .PP .fi .PP Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding all prior approvals first. .PP .nf .RS sq key approvals update \-\-remove\-all \\ .RE .RS .RS \-\-add\-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \\ .RE .RE .RS .RS \-\-cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 .RE .RE .PP .fi .PP Approve of all of the certifications on a specific user ID by certifiers that can be authenticated, discarding all prior approvals first. .PP .nf .RS sq key approvals update \-\-remove\-all \-\-add\-authenticated \\ .RE .RS .RS \-\-cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \\ .RE .RE .RS .RS \-\-userid="Alice " .RE .RE .PP .fi .PP Remove the approval of Bob's certification on all of Alice's user IDs. .PP .nf .RS sq key approvals update \\ .RE .RS .RS \-\-remove\-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \\ .RE .RE .RS .RS \-\-cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 .RE .RE .fi .SH "SEE ALSO" .nh \fBsq\fR(1), \fBsq\-key\fR(1), \fBsq\-key\-approvals\fR(1). .hy .PP For the full documentation see . .SH VERSION 1.3.1