sq-network-dane-fetch - Man Page

Retrieve certificates using DANE

Synopsis

sq network dane fetch [Options] ADDRESS

Description

Retrieve certificates using DANE.

By default, any returned certificates are stored in the local certificate store.  This can be overridden by using `--output` option.

When a certificate is retrieved using DANE, and imported into the local certificate store, any User IDs with the email address that was looked up are certificated with a local DANE-specific key.  That proxy certificate is in turn certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust root.  How much the DANE proxy CA is trusted can be tuned using `sq pki link add` or `sq pki link retract` in the usual way.

Options

Subcommand options

--all

Fetch updates for all known certificates

--binary

Emit binary data

--output=FILE

Write to FILE (or stdout when omitted) instead of importing into the certificate store

ADDRESS

Retrieve certificate(s) for ADDRESS

Global options

See sq(1) for a description of the global options.

See Also

sq(1), sq-network(1), sq-network-dane(1).

For the full documentation see <https://book.sequoia-pgp.org>.

Version

0.38.0 (sequoia-openpgp 1.21.2)

Referenced By

sq-network-dane(1).

0.38.0 Sequoia PGP