Provided by: sq_1.2.0-1_amd64 bug

NAME
       sq network - Retrieve and publish certificates over the network


SYNOPSIS
       sq network search [OPTIONS] QUERY
       sq network keyserver [OPTIONS]  SUBCOMMAND
       sq network wkd [OPTIONS]  SUBCOMMAND
       sq network dane [OPTIONS]  SUBCOMMAND


DESCRIPTION
       Retrieve and publish certificates over the network.

       OpenPGP  certificates  can  be discovered and updated from, and published on services accessible over the
       network.  This is a collection of commands to interact with these services.


SUBCOMMANDS
   sq network search
       Retrieve certificates using all supported network services.

       This command will try to locate relevant certificates given a query, which may be a  fingerprint,  a  key
       ID,  an  email  address,  or a https URL.  It may also discover and import certificate related to the one
       queried, such as alternative certs, expired certs, or revoked certs.

       Discovering related certs is useful:  alternative  certs  support  key  rotations,  expired  certs  allow
       verification  of  signatures  made  in  the  past,  and discovering revoked certs is important to get the
       revocation information.  The PKI mechanism will help to select the correct cert, see `sq pki`.

       By default, any returned certificates are stored in the local certificate store.  This can be  overridden
       by using `--output` option.

       When  a  certificate  is  retrieved  from a verifying key server (currently, this is limited to a list of
       known servers: `hkps://keys.openpgp.org`, `hkps://keys.mailvelope.com`, and `hkps://mail-api.proton.me`),
       WKD, DANE, or via https,  and  imported  into  the  local  certificate  store,  the  User  IDs  are  also
       certificated  with  a  local  server-specific  key.   That  proxy  certificate  is in turn certified as a
       minimally trusted CA (trust amount: 1 of 120) by the local trust root.  How much a proxy key server CA is
       trusted can be tuned using `sq pki link add` or `sq pki link retract` in the usual way.

   sq network keyserver
       Retrieve and publishes certificates via key servers.

       The OpenPGP HTTP Keyserver Protocol (HKP) is a method for publishing and retrieving certificates from key
       servers.

   sq network wkd
       Retrieve and publishes certificates via Web Key Directories.

       The Web Key Directory (WKD) is a method for publishing and retrieving certificates from web servers.

   sq network dane
       Retrieve and publishes certificates via DANE.

       DNS-Based Authentication of Named Entities (DANE) is a method for publishing and retrieving  certificates
       in DNS as specified in RFC 7929.


EXAMPLES
       Search for the Qubes master signing certificate.

              sq network search 427F11FD0FAA4B080123F01CDDFA1A3E36879494

       Search for certificates that have are associated with an email address.

              sq network search alice@example.org


SEE ALSO
       sq(1), sq-network-search(1), sq-network-keyserver(1), sq-network-wkd(1), sq-network-dane(1).

       For the full documentation see <https://book.sequoia-pgp.org>.


VERSION
       1.2.0 (sequoia-openpgp 1.22.0)

Sequoia PGP                                           1.2.0                                                SQ(1)