NAME

       sq network keyserver fetch - Retrieve certificates from key servers

SYNOPSIS

       sq network keyserver fetch [OPTIONS] QUERY

DESCRIPTION

       Retrieve certificates from key servers.

       By default, any returned certificates are stored in the local certificate store.  This can
       be overridden by using `--output` option.

       When a certificate is retrieved from a verifying key server (currently, this is limited to
       a  list  of  known  servers:  `hkps://keys.openpgp.org`, `hkps://keys.mailvelope.com`, and
       `hkps://mail-api.proton.me`), and imported into the local certificate store, the User  IDs
       are also certificated with a local server-specific key.  That proxy certificate is in turn
       certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust root.  How
       much a proxy key server CA is trusted can be tuned using `sq pki link add` or `sq pki link
       retract` in the usual way.

OPTIONS

   Subcommand options
       -B, --binary
              Emit binary data

       --all  Fetch updates for all known certificates

       -o, --output=FILE
              Write to FILE (or stdout when omitted) instead of importing  into  the  certificate
              store

       -s, --server=URI
              Set the key server to use.  Can be given multiple times.

        QUERY Retrieve  certificate(s)  using  QUERY.  This  may be a fingerprint, a KeyID, or an
              email address.

   Global options
       See sq(1) for a description of the global options.

SEE ALSO

       sq(1), sq-network(1), sq-network-keyserver(1).

       For the full documentation see <https://book.sequoia-pgp.org>.

VERSION

       0.34.0 (sequoia-openpgp 1.19.0)