sq-wot-authenticate(1)

1authenticate(1)             General Commands Manual            authenticate(1)
2
3
4

NAME

6       authenticate - Authenticate a binding
7

SYNOPSIS

9       authenticate [--email] [-h|--help] <FINGERPRINT|KEYID> <USERID>
10

DESCRIPTION

12       Authenticate a binding.
13
14       Authenticate  a  binding  (a  certificate and User ID) by looking for a
15       path from the trust roots to the specified binding in the web of trust.
16       Because  certifications  may  express uncertainty (i.e., certifications
17       may be marked as conveying only partial or  marginal  trust),  multiple
18       paths may be needed.
19
20       If a binding could be authenticated to the specified level (by default:
21       fully authenticated, i.e., a trust amount of 120), then the exit status
22       is 0.  Otherwise the exit status is 1.
23
24       If any valid paths to the binding are found, they are printed on stdout
25       whether they are sufficient to authenticate the binding or not.
26

OPTIONS

28       --email
29              Changes the USERID parameter to match User IDs with  the  speci‐
30              fied email address.
31
32              Interprets  the  USERID  parameter as an email address, which is
33              then used to select User IDs with that email address.
34
35              Unlike when comparing User IDs, email addresses are  first  nor‐
36              malized  by  the domain to ASCII using IDNA2008 Punycode conver‐
37              sion, and then converting the resulting email address to  lower‐
38              case using the empty locale.
39
40              If  multiple  User  IDs match, they are each considered in turn,
41              and this function returns success if at least one of those  User
42              IDs can be authenticated.  Note: The paths to the different User
43              IDs are not combined.
44
45       -h, --help
46              Print help (see a summary with '-h')
47
48       <FINGERPRINT|KEYID>
49              The fingerprint or Key ID of the certificate to authenticate
50
51       <USERID>
52              The User ID to authenticate.
53
54              This is case sensitive, and must be the whole User ID, not  just
55              a substring or an email address.
56

EXTRA

58       EXAMPLES:
59
60         # Authenticate a binding.
61         $ sq --keyring keyring.pgp \
62             --partial \
63             --trust-root 8F17777118A33DDA9BA48E62AACB3243630052D9 \
64           authenticate \
65             C7966E3E7CE67DBBECE5FC154E2AD944CFC78C86 \
66             'Alice <alice@example.org>'
67
68         # Try and authenticate each binding where the User ID has the
69         # specified email address.
70         $ sq --keyring keyring.pgp \
71             --trust-root 8F17777118A33DDA9BA48E62AACB3243630052D9 \
72           authenticate \
73             C7966E3E7CE67DBBECE5FC154E2AD944CFC78C86 \
74             --email 'alice@example.org'
75
76
77
78                                 authenticate                  authenticate(1)