Provided by: sq_0.37.0-1_amd64 bug

NAME
       sq network - Retrieve and publish certificates over the network


SYNOPSIS
       sq network fetch [OPTIONS] QUERY
       sq network keyserver [OPTIONS]  SUBCOMMAND
       sq network wkd [OPTIONS]  SUBCOMMAND
       sq network dane [OPTIONS]  SUBCOMMAND


DESCRIPTION
       Retrieve and publish certificates over the network.

       OpenPGP  certificates  can  be  discovered  and  updated  from,  and published on services
       accessible over the network.  This is a collection of  commands  to  interact  with  these
       services.


SUBCOMMANDS
   sq network fetch
       Retrieve certificates using all supported network services.

       This  command  will  try  to  locate  relevant  certificates given a query, which may be a
       fingerprint, a key ID, an email address, or a https URL.  It may also discover and  import
       certificate  related  to  the  one  queried,  such as alternative certs, expired certs, or
       revoked certs.

       Discovering related certs is useful: alternative  certs  support  key  rotations,  expired
       certs  allow verification of signatures made in the past, and discovering revoked certs is
       important to get the revocation information.  The PKI mechanism will help  to  select  the
       correct cert, see `sq pki`.

       By default, any returned certificates are stored in the local certificate store.  This can
       be overridden by using `--output` option.

       When a certificate is retrieved from a verifying key server (currently, this is limited to
       a  list  of  known  servers:  `hkps://keys.openpgp.org`, `hkps://keys.mailvelope.com`, and
       `hkps://mail-api.proton.me`), WKD, DANE,  or  via  https,  and  imported  into  the  local
       certificate  store,  the  User IDs are also certificated with a local server-specific key.
       That proxy certificate is in turn certified as a minimally trusted CA (trust amount: 1  of
       120)  by  the  local  trust  root.  How much a proxy key server CA is trusted can be tuned
       using `sq pki link add` or `sq pki link retract` in the usual way.

   sq network keyserver
       Retrieve and publishes certificates via key servers.

       The OpenPGP HTTP Keyserver Protocol (HKP)  is  a  method  for  publishing  and  retrieving
       certificates from key servers.

   sq network wkd
       Retrieve and publishes certificates via Web Key Directories.

       The  Web  Key  Directory (WKD) is a method for publishing and retrieving certificates from
       web servers.

   sq network dane
       Retrieve and publishes certificates via DANE.

       DNS-Based Authentication  of  Named  Entities  (DANE)  is  a  method  for  publishing  and
       retrieving certificates in DNS as specified in RFC 7929.


SEE ALSO
       sq(1),        sq-network-fetch(1),       sq-network-keyserver(1),       sq-network-wkd(1),
       sq-network-dane(1).

       For the full documentation see <https://book.sequoia-pgp.org>.


VERSION
       0.34.0 (sequoia-openpgp 1.19.0)