FreeBSD Manual Pages
SQ(1) User Commands SQ(1) NAME sq network - Retrieve and publish certificates over the network SYNOPSIS sq network fetch [OPTIONS] QUERY sq network keyserver [OPTIONS] SUBCOMMAND sq network wkd [OPTIONS] SUBCOMMAND sq network dane [OPTIONS] SUBCOMMAND DESCRIPTION Retrieve and publish certificates over the network. OpenPGP certificates can be discovered and updated from, and published on services accessible over the network. This is a collection of com- mands to interact with these services. SUBCOMMANDS sq network fetch Retrieve certificates using all supported network services. This command will try to locate relevant certificates given a query, which may be a fingerprint, a key ID, an email address, or a https URL. It may also discover and import certificate related to the one queried, such as alternative certs, expired certs, or revoked certs. Discovering related certs is useful: alternative certs support key ro- tations, expired certs allow verification of signatures made in the past, and discovering revoked certs is important to get the revocation information. The PKI mechanism will help to select the correct cert, see `sq pki`. By default, any returned certificates are stored in the local certifi- cate store. This can be overridden by using `--output` option. When a certificate is retrieved from a verifying key server (currently, this is limited to a list of known servers: `hkps://keys.openpgp.org`, `hkps://keys.mailvelope.com`, and `hkps://mail-api.proton.me`), WKD, DANE, or via https, and imported into the local certificate store, the User IDs are also certificated with a local server-specific key. That proxy certificate is in turn certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust root. How much a proxy key server CA is trusted can be tuned using `sq pki link add` or `sq pki link re- tract` in the usual way. sq network keyserver Retrieve and publishes certificates via key servers. The OpenPGP HTTP Keyserver Protocol (HKP) is a method for publishing and retrieving certificates from key servers. sq network wkd Retrieve and publishes certificates via Web Key Directories. The Web Key Directory (WKD) is a method for publishing and retrieving certificates from web servers. sq network dane Retrieve and publishes certificates via DANE. DNS-Based Authentication of Named Entities (DANE) is a method for pub- lishing and retrieving certificates in DNS as specified in RFC 7929. SEE ALSO sq(1), sq-network-fetch(1), sq-network-keyserver(1), sq-network-wkd(1), sq-network-dane(1). For the full documentation see <https://book.sequoia-pgp.org>. VERSION 0.36.0 (sequoia-openpgp 1.20.0) Sequoia PGP 0.36.0 SQ(1)
NAME | SYNOPSIS | DESCRIPTION | SUBCOMMANDS | SEE ALSO | VERSION
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=sq-network&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>