Provided by: sq_0.37.0-1_amd64 bug

NAME
       sq pki identify - Identify a certificate


SYNOPSIS
       sq pki identify [OPTIONS] FINGERPRINT|KEYID


DESCRIPTION
       Identify a certificate.

       Identify a certificate by finding authenticated bindings (User ID and certificate pairs).

       If  a  binding  could  be  authenticated to the specified level (by default: fully authenticated, i.e., a
       trust amount of 120), then the exit status is 0.  Otherwise the exit status is 1.

       If a binding could be partially authenticated (i.e., its trust  amount  is  greater  than  0),  then  the
       binding is displayed, even if the trust is below the specified threshold.


OPTIONS
   Subcommand options
       -a, --amount=AMOUNT
              The required amount of trust.

              120  indicates  full  authentication;  values less than 120 indicate partial authentication.  When
              `--certification-network` is passed, this defaults to 1200, i.e., `sq pki` tries to find 10 paths.

       --certification-network
              Treats the network as a certification network.

              Normally, `sq pki` treats  the  Web  of  Trust  network  as  an  authentication  network  where  a
              certification  only  means that the binding is correct, not that the target should be treated as a
              trusted introducer.  In a certification network, the targets  of  certifications  are  treated  as
              trusted  introducers with infinite depth, and any regular expressions are ignored. Note: The trust
              amount remains unchanged.  This is how most so-called PGP path-finding algorithms work.

       --gossip
              Treats all certificates as unreliable trust roots.

              This option is useful for figuring out what others think about  a  certificate  (i.e.,  gossip  or
              hearsay).  In other words, this finds arbitrary paths to a particular certificate.

              Gossip  is  useful  in  helping  to  identify alternative ways to authenticate a certificate.  For
              instance, imagine Ed wants to  authenticate  Laura's  certificate,  but  asking  her  directly  is
              inconvenient.   Ed  discovers  that  Micah  has  certified  Laura's certificate, but Ed hasn't yet
              authenticated Micah's certificate.  If Ed is willing to rely on Micah as a trusted introducer, and
              authenticating Micah's certificate is easier than authenticating Laura's certificate, then Ed  has
              learned about an easier way to authenticate Laura's certificate.

        FINGERPRINT|KEYID
              The fingerprint or Key ID of the certificate to authenticate

   Global options
       See sq(1) for a description of the global options.


EXAMPLES
       Identify the user IDs that can be authenticated for the certificate.

              sq pki identify EB28F26E2739A4870ECC47726F0073F60FD0CBF0

       List all user IDs that have that have been certified by anyone.

              sq pki identify --gossip \
                     511257EBBF077B7AEDAE5D093F68CB84CE537C9A


SEE ALSO
       sq(1), sq-pki(1).

       For the full documentation see <https://book.sequoia-pgp.org>.


VERSION
       0.34.0 (sequoia-openpgp 1.19.0)

Sequoia PGP                                          0.34.0                                                SQ(1)