Provided by: sq_0.40.0-1_amd64 
NAME
sq key approvals update - Approves of third-party certifications
SYNOPSIS
sq key approvals update [OPTIONS]
DESCRIPTION
Approves of third-party certifications allowing for their distribution.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled
distribution of third-party certifications on certificates. To allow the key holder to
control what information is distributed with their certificate, these key servers only
distribute third-party certifications that the key holder has explicitly approved.
By default, all user IDs are considered, but if at least one `--name`, `--email`, or
`--userid` argument is given, only the matching user IDs are considered.
After the approvals have been changed, the certificate has to be distributed, e.g. by
uploading it to a key server.
OPTIONS
Subcommand options
--add-all
Approve of all pending certifications
--add-authenticated
Approve of all certifications by authenticated certifiers.
For all pending approvals, try to authenticate any user ID on the certifier, and if
any can be authenticated, approve of the certification.
--add-by=FINGERPRINT|KEYID
Approve of all certifications by this certifier
--cert=FINGERPRINT|KEYID
List the approvals on the certificate with the specified fingerprint or key ID
--cert-email=EMAIL
List the approvals on the certificate where a user ID includes the specified email
address
--cert-file=PATH
List the approvals on the certificate read from PATH
--cert-userid=USERID
List the approvals on the certificate with the specified user ID
--email=EMAIL
Use the self-signed user ID with the specified email address
--name=DISPLAY_NAME
Use the self-signed user ID with the specified display name
--output=FILE
Write to the specified FILE.
If not specified, and the certificate was read from the certificate store, imports
the modified certificate into the cert store. If not specified, and the
certificate was read from a file, writes the modified certificate to stdout.
--remove-all
Remove all prior approvals.
By default, this command adds to the set of already approved certifications. If
this flag is given, the existing approvals are disregarded, and only the newly
selected certifications are approved, if any.
--remove-by=FINGERPRINT|KEYID
Remove all prior approvals of certifications by this certifier
--userid=USERID
Use the specified self-signed user ID.
The specified user ID must be self signed.
Global options
See sq(1) for a description of the global options.
EXAMPLES
Approve of all of the certifications on all of Alice's user IDs.
sq key approvals update --add-all \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding
all prior approvals first.
sq key approvals update --remove-all \
--add-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on a specific user ID by certifiers that can be
authenticated, discarding all prior approvals first.
sq key approvals update --remove-all --add-authenticated \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
"--userid=Alice <alice@example.org>"
Remove the approval of Bob's certification on all of Alice's user IDs.
sq key approvals update \
--remove-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
SEE ALSO
sq(1), sq-key(1), sq-key-approvals(1).
For the full documentation see <https://book.sequoia-pgp.org>.
VERSION
0.40.0 (sequoia-openpgp 1.21.2)