Provided by: sq_0.25.0-3ubuntu0.22.04.1_amd64 bug

NAME

       sq-certify - Certifies a User ID for a Certificate

       Using  a  certification  a  keyholder  may  vouch  for  the  fact that another certificate
       legitimately belongs to a user id.  In the context of emails  this  means  that  the  same
       entity  controls  the  key  and  the email address.  These kind of certifications form the
       basis for the Web Of Trust.

       This command emits the certificate with the new certification.   The  updated  certificate
       has to be distributed, preferably by sending it to the certificate holder for attestation.
       See also "sq key attest-certification".

SYNOPSIS

       sq certify [FLAGS] [OPTIONS] <CERTIFIER-KEY> <CERTIFICATE> <USERID>

FLAGS

       -h, --help
              Prints help information

       -B, --binary
              Emits binary data

       -l, --local
              Makes the certification a local certification.  Normally, local certifications  are
              not exported.

       --non-revocable
              Marks  the  certification  as being non-revocable. That is, you cannot later revoke
              this certification.  This should normally only be used with an expiration.

OPTIONS

       -o, --output FILE
              Writes to FILE or stdout if omitted

       -d, --depth TRUST_DEPTH
              Sets the trust depth (sometimes referred to as the trust level).  0 means a  normal
              certification  of  <CERTIFICATE,  USERID>.   1  means CERTIFICATE is also a trusted
              introducer, 2 means CERTIFICATE is a meta-trusted introducer, etc.  The default  is
              0.

       -a, --amount TRUST_AMOUNT
              Sets the amount of trust.  Values between 1 and 120 are meaningful. 120 means fully
              trusted.  Values less than 120 indicate the degree of trust.  60  is  usually  used
              for partially trusted.  The default is 120.

       -r, --regex REGEX
              Adds  a regular expression to constrain what a trusted introducer can certify.  The
              regular  expression  must  match  the  certified  User  ID  in   all   intermediate
              introducers,  and  the  certified  certificate. Multiple regular expressions may be
              specified.  In that case, at least one must match.

       --notation NAME
              Adds a notation to the certification.  A user-defined notation's name  must  be  of
              the  form  "name@a.domain.you.control.org". If the notation's name starts with a !,
              then the notation is marked as being  critical.   If  a  consumer  of  a  signature
              doesn't  understand  a  critical  notation, then it will ignore the signature.  The
              notation is marked as being human readable.

       --expires TIME
              Makes the certification expire at  TIME  (as  ISO  8601).  Use  "never"  to  create
              certifications that do not expire.

       --expires-in DURATION
              Makes  the  certification  expire  after  DURATION.  Either "N[ymwd]", for N years,
              months, weeks, or days, or "never".  [default: 5y]

ARGS

       CERTIFIER-KEY
              Creates the certificate using CERTIFIER-KEY.

       CERTIFICATE
              Certifies CERTIFICATE.

       USERID Certifies USERID for CERTIFICATE.

EXAMPLES

       # Juliet certifies that Romeo controls romeo.pgp and romeo@example.org
              $ sq certify juliet.pgp romeo.pgp "<romeo@example.org>"

SEE ALSO

       For the full documentation see <https://docs.sequoia-pgp.org/sq/>.

       sq(1), sq-armor(1), sq-autocrypt(1), sq-certify(1), sq-dearmor(1), sq-decrypt(1),
       sq-encrypt(1), sq-inspect(1), sq-key(1), sq-keyring(1), sq-packet(1), sq-sign(1),
       sq-verify(1)

AUTHORS

         Azul <azul@sequoia-pgp.org>
         Igor Matuszewski <igor@sequoia-pgp.org>
         Justus Winter <justus@sequoia-pgp.org>
         Kai Michaelis <kai@sequoia-pgp.org>
         Neal H. Walfield <neal@sequoia-pgp.org>
         Nora Widdecke <nora@sequoia-pgp.org>
         Wiktor Kwapisiewicz <wiktor@sequoia-pgp.org>