Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
SQ(1)				 User Commands				 SQ(1)

NAME
       sq-pki-path - Verify the	specified path

SYNOPSIS
       sq pki path [OPTIONS] FINGERPRINT|KEYID

DESCRIPTION
       Verify the specified path.

       A  path	is a sequence of certificates starting at the root, and	a User
       ID.  This function checks that each path	segment	has a valid certifica-
       tion, which also	satisfies any constraints (trust amount, trust	depth,
       regular expressions).

       If a valid path is not found, then this subcommand also lints the path.
       In  particular, it report if any	certifications are insufficient, e.g.,
       not enough trust	depth, or invalid, e.g., because they use  SHA-1,  but
       the use of SHA-1	has been disabled.

OPTIONS
   Subcommand options
       --amount=AMOUNT
	      The required amount of trust

	      120 indicates full authentication; values	less than 120 indicate
	      partial	authentication.	   When	 `--certification-network`  is
	      passed, this defaults to 1200, i.e., this	command	tries to  find
	      10 paths.

       --certification-network
	      Treats the network as a certification network

	      Normally,	 the  authentication machinery treats the Web of Trust
	      network as an authentication network where a certification  only
	      means that the binding is	correct, not that the target should be
	      treated  as  a  trusted introducer.  In a	certification network,
	      the targets of certifications are	treated	as trusted introducers
	      with infinite depth, and any regular  expressions	 are  ignored.
	      Note:  The  trust	 amount	 remains  unchanged.  This is how most
	      so-called	PGP path-finding algorithms work.

       --email=EMAIL
	      Authenticate the specified email address

	      This checks whether it is	possible to authenticate the  user  ID
	      consisting  of  just  specified email address.  The user ID does
	      not need to be self signed.

       --userid=USERID
	      Authenticate the specified user ID

	      The specified user ID does not need to be	self signed.

       --userid-by-email=EMAIL
	      Authenticate the self-signed user	ID with	 the  specified	 email
	      address

	      This   checks   whether  it  is  possible	 to  authenticate  the
	      self-signed user ID with the specified email address.

	      If the certificate is invalid or there is	no self-signed user ID
	      with the specified email address,	uses a user ID with  just  the
	      email address.

	FINGERPRINT|KEYID
	      The path to authenticate

	      A	path consists of one or	more certificates.  The	first certifi-
	      cate  is the root, and the last certificate is the one being au-
	      thenticated for the specified user ID.

   Global options
       See sq(1) for a description of the global options.

EXAMPLES
       Verify that Alice ceritified a particular User ID  for  Bob's  certifi-
       cate.

	      sq pki path EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
		     511257EBBF077B7AEDAE5D093F68CB84CE537C9A --userid \
		     "Bob <bob@example.org>"

SEE ALSO
       sq(1), sq-pki(1).

       For the full documentation see <https://book.sequoia-pgp.org/>.

VERSION
       1.3.1

Sequoia	PGP			     1.3.1				 SQ(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=sq-pki-path&sektion=1&manpath=FreeBSD+Ports+15.0.quarterly>

home | help