sq-key-approvals - Man Page
Manages certification approvals
Synopsis
sq key approvals list [OPTIONS]
sq key approvals update [OPTIONS]
Description
Manages certification approvals.
Key holders may approve of third-party certifications associated with their certificate. This subcommand manages the approvals.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
Subcommands
sq key approvals list
Lists third-party certifications and their approval status.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
sq key approvals update
Approves of third-party certifications allowing for their distribution.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of third-party certifications on certificates. To allow the key holder to control what information is distributed with their certificate, these key servers only distribute third-party certifications that the key holder has explicitly approved.
By default, all user IDs are considered, but if at least one `--name`, `--email`, or `--userid` argument is given, only the matching user IDs are considered.
After the approvals have been changed, the certificate has to be distributed, e.g. by uploading it to a key server.
Examples
sq key approvals list
Lists the approved certifications on all the user IDs.
sq key approvals list --cert \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0Lists the unapproved certifications on all the user IDs.
sq key approvals list --pending --cert \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0Lists all unapproved certifications on a given user ID.
sq key approvals list --pending --email alice@example.org \
--cert EB28F26E2739A4870ECC47726F0073F60FD0CBF0sq key approvals update
Approve of all of the certifications on all of Alice's user IDs.
sq key approvals update --add-all --cert \
EB28F26E2739A4870ECC47726F0073F60FD0CBF0Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding all prior approvals first.
sq key approvals update --remove-all --add-by \
511257EBBF077B7AEDAE5D093F68CB84CE537C9A --cert \EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on a specific user ID by certifiers that can be authenticated, discarding all prior approvals first.
sq key approvals update --remove-all --add-authenticated \
--cert EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \--userid "Alice <alice@example.org>"
Remove the approval of Bob's certification on all of Alice's user IDs.
sq key approvals update --remove-by \
511257EBBF077B7AEDAE5D093F68CB84CE537C9A --cert \EB28F26E2739A4870ECC47726F0073F60FD0CBF0
See Also
sq(1), sq-key(1), sq-key-approvals-list(1), sq-key-approvals-update(1).
For the full documentation see <https://book.sequoia-pgp.org>.
Version
0.38.0 (sequoia-openpgp 1.21.2)
Referenced By
sq-key(1), sq-key-approvals-list(1), sq-key-approvals-update(1).