.TH SQ 1 0.38.0 "Sequoia PGP" "User Commands" .SH NAME sq network wkd \- Retrieve and publishes certificates via Web Key Directories .SH SYNOPSIS .br \fBsq network wkd fetch\fR [\fIOPTIONS\fR] \fIADDRESS\fR .br \fBsq network wkd publish\fR [\fIOPTIONS\fR] \fIDEST\fR .SH DESCRIPTION Retrieve and publishes certificates via Web Key Directories. .PP The Web Key Directory (WKD) is a method for publishing and retrieving certificates from web servers. .PP .SH SUBCOMMANDS .SS "sq network wkd fetch" Retrieve certificates from a Web Key Directory. .PP By default, any returned certificates are stored in the local certificate store. This can be overridden by using `\-\-output` option. .PP When a certificate is retrieved from a WKD, and imported into the local certificate store, any User IDs with the email address that was looked up are certificated with a local WKD\-specific key. That proxy certificate is in turn certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust root. How much the WKD proxy CA is trusted can be tuned using `sq pki link add` or `sq pki link retract` in the usual way. .PP .SS "sq network wkd publish" Publish certificates in a Web Key Directory. .PP Publishes certificates or certificate updates in a Web Key Directory (WKD). You can create or update a WKD hierarchy on the local system by specifying a path as destination. .PP Typically, a WKD is stored on a web server. If `\-\-rsync` is given, this command manages remote WKD directory hierarchies by using rsync(1). .PP To insert a new certificate into the WKD, use `\-\-cert`. .PP Any updates for certificates already existing in the WKD are automatically published. .PP Note: To update a WKD hierarchy, it is first copied to a temporary location on the local machine, new certificates or certificate updates are inserted into the local copy, and the hierarchy is copied back to its original location. As this is not an atomic operation, care must be taken to avoid concurrent updates. .PP .SH EXAMPLES .SS "sq network wkd publish" .PP .PP Create a new WKD hierarchy in the local directory `public_html`, and insert Alice's cert. .PP .nf .RS sq network wkd publish \-\-create \\ .RE .RS .RS \-\-cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \\ .RE .RE .RS .RS \-\-domain=example.org public_html .RE .RE .PP .fi .PP Add Bob's cert to the existing WKD hierarchy in the local directory `public_html`. .PP .nf .RS sq network wkd publish \\ .RE .RS .RS \-\-cert=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \\ .RE .RE .RS .RS \-\-domain=example.org public_html .RE .RE .PP .fi .PP Refresh all certs in the existing WKD hierarchy in the local directory `public_html` from the cert store. .PP .nf .RS sq network wkd publish \-\-domain=example.org public_html .RE .fi .SH "SEE ALSO" .nh \fBsq\fR(1), \fBsq\-network\fR(1), \fBsq\-network\-wkd\-fetch\fR(1), \fBsq\-network\-wkd\-publish\fR(1). .hy .PP For the full documentation see . .SH VERSION 0.38.0 (sequoia\-openpgp 1.21.2)