sq network dane - Retrieve and publish certificates via DANE
Description
Retrieve and publish certificates via DANE.
DNS-Based Authentication of Named Entities (DANE) is a method for publishing and retrieving certificates
in DNS as specified in RFC 7929.
Examples
sq network dane search
Retrieve Alice's certificate over DANE.
sq network dane search alice@example.org
Retrieve updates for all known certificates over DANE.
sq network dane search --all
sq network dane generate
Generate DANE records from juliet.pgp for example.org.
sq network dane generate --domain=example.org \
--cert-file=juliet.pgp
Generate DANE records for all certs with an authenticated user ID in example.org.
sq network dane generate --domain=example.org --all
Name
sq network dane - Retrieve and publish certificates via DANE
See Also
sq(1), sq-network(1), sq-network-dane-search(1), sq-network-dane-generate(1). For the full documentation see <https://book.sequoia-pgp.org>.
Subcommands
sq network dane search
Retrieve certificates using DANE.
By default, any returned certificates are stored in the local certificate store. This can be overridden
by using the `--output` option.
When a certificate is retrieved using DANE and imported into the local certificate store, any User IDs
with the email address that was looked up are certified with a local DANE-specific key. That proxy
certificate is in turn certified as a minimally trusted CA (trust amount: 1 of 120) by the local trust
root. How much the DANE proxy CA is trusted can be tuned using `sq pki link add` or `sq pki link
retract` in the usual way.
sq network dane generate
Generate DANE records for the given domain and certs.
The certificates are minimized, and one record per email address is emitted. If multiple user IDs map to
one email address, then all matching user IDs are included in the emitted certificates.
By default, OPENPGPKEY resource records are emitted. If your DNS server doesn't understand those, use
`--type generic` to emit generic records instead.
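The following is an added example, not part of sq or its documentation. It shows where RFC 7929 places a record for an email address and how the same record data looks in OPENPGPKEY form and in the RFC 3597 generic form that `--type generic` refers to. The function names and the three-byte stand-in for certificate data are assumptions for illustration; the local part is hashed as given, and an ASCII domain is assumed.

```python
import base64
import hashlib
import unicodedata

OPENPGPKEY_TYPE = 61  # RR type number assigned to OPENPGPKEY by RFC 7929


def owner_name(address: str) -> str:
    """Return the DNS owner name RFC 7929 derives from an email address."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    # Local part: NFC-normalized UTF-8, hashed with SHA2-256, truncated to
    # 28 octets and written as hex. The address itself never appears in DNS.
    local = unicodedata.normalize("NFC", local)
    label = hashlib.sha256(local.encode("utf-8")).digest()[:28].hex()
    return f"{label}._openpgpkey.{domain.rstrip('.')}."


def _check_cert(cert: bytes) -> bytes:
    if not cert:
        raise ValueError("refusing to emit a record with empty certificate data")
    return cert


def openpgpkey_rr(address: str, cert: bytes) -> str:
    """Zone-file line using the OPENPGPKEY mnemonic (base64 RDATA)."""
    data = base64.b64encode(_check_cert(cert)).decode("ascii")
    return f"{owner_name(address)} IN OPENPGPKEY {data}"


def generic_rr(address: str, cert: bytes) -> str:
    """Same record in RFC 3597 form for servers without OPENPGPKEY support."""
    cert = _check_cert(cert)
    return f"{owner_name(address)} IN TYPE{OPENPGPKEY_TYPE} \\# {len(cert)} {cert.hex()}"


if __name__ == "__main__":
    # Constructed stand-in bytes, not a real OpenPGP certificate.
    sample = b"\x01\x02\x03"
    print(openpgpkey_rr("alice@example.org", sample))
    print(generic_rr("alice@example.org", sample))
```

Both lines carry identical record data; comparing the owner name against what a resolver returns is a quick check that a zone publishes the record where lookups will expect it.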
Synopsis
sq network dane search [OPTIONS] ADDRESS
sq network dane generate [OPTIONS]
Version
1.2.0 (sequoia-openpgp 1.22.0)
Sequoia PGP 1.2.0 SQ(1)
