Provided by: sq_1.3.1-2_amd64 
NAME
sq-key-approvals-update - Approves of third-party certifications allowing for their distribution
SYNOPSIS
sq key approvals update [OPTIONS]
DESCRIPTION
Approves of third-party certifications allowing for their distribution.
To prevent certificate flooding attacks, modern key servers prevent uncontrolled distribution of
third-party certifications on certificates. To allow the key holder to control what information is
distributed with their certificate, these key servers only distribute third-party certifications that the
key holder has explicitly approved.
By default, all user IDs are considered, but if at least one `--name`, `--email`, or `--userid` argument
is given, only the matching user IDs are considered.
After the approvals have been changed, the certificate has to be distributed, e.g. by uploading it to a
key server.
OPTIONS
Subcommand options
--add-all
Approve of all pending certifications
--add-authenticated
Approve of all certifications by authenticated certifiers
For all pending approvals, try to authenticate any user ID on the certifier, and if any can be
authenticated, approve of the certification.
--add-by=FINGERPRINT|KEYID
Approve of all certifications by this certifier
--cert=FINGERPRINT|KEYID
List the approvals on the certificate with the specified fingerprint or key ID
--cert-email=EMAIL
List the approvals on the certificate where a user ID includes the specified email address
--cert-file=PATH
List the approvals on the certificate read from PATH
--cert-userid=USERID
List the approvals on the certificate with the specified user ID
--email=EMAIL
Use the self-signed user ID with the specified email address
--output=FILE
Write to the specified FILE
If not specified, and the certificate was read from the certificate store, imports the modified
certificate into the cert store. If not specified, and the certificate was read from a file,
writes the modified certificate to stdout.
--remove-all
Remove all prior approvals
By default, this command adds to the set of already approved certifications. If this flag is
given, the existing approvals are disregarded, and only the newly selected certifications are
approved, if any.
--remove-by=FINGERPRINT|KEYID
Remove all prior approvals of certifications by this certifier
--userid=USERID
Use the specified self-signed user ID
The specified user ID must be self signed.
Global options
See sq(1) for a description of the global options.
EXAMPLES
Approve of all of the certifications on all of Alice's user IDs.
sq key approvals update --add-all \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on all of Alice's user IDs made by Bob, discarding all prior
approvals first.
sq key approvals update --remove-all \
--add-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
Approve of all of the certifications on a specific user ID by certifiers that can be authenticated,
discarding all prior approvals first.
sq key approvals update --remove-all --add-authenticated \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
--userid="Alice <alice@example.org>"
Remove the approval of Bob's certification on all of Alice's user IDs.
sq key approvals update \
--remove-by=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \
--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0
SEE ALSO
sq(1), sq-key(1), sq-key-approvals(1).
For the full documentation see <https://book.sequoia-pgp.org/>.
VERSION
1.3.1
Sequoia PGP 1.3.1 SQ(1)