sq-wot-path - Man Page

Verify the specified path


path [--email] [-h|--help] [FINGERPRINT|KEYID USERID]


Verify the specified path.

A path is a sequence of certificates starting at the root, and a User ID.  This function checks that each path segment has a valid certification, which also satisfies any constraints (trust amount, trust depth, regular expressions).

If a valid path is not found, then this subcommand also lints the path.  In particular, it report if any certifications are insufficient, e.g., not enough trust depth, or invalid, e.g., because they use SHA-1, but the use of SHA-1 has been disabled.



Changes the USERID parameter to match User IDs with the specified email address.

Interprets the USERID parameter as an email address, which is then used to select User IDs with that email address.

Unlike when comparing User IDs, email addresses are first normalized by the domain to ASCII using IDNA2008 Punycode conversion, and then converting the resulting email address to lowercase using the empty locale.

If multiple User IDs match, they are each considered in turn, and this function returns success if at least one of those User IDs can be authenticated.  Note: The paths to the different User IDs are not combined.

-h,  --help

Print help (see a summary with '-h')


A path consists of one or more certificates (designated by their fingerprint or Key ID) and ending in the User ID that is being authenticated



# Verify that Neal ceritified Justus's certificate for a particular User ID. $ sq --keyring keyring.pgp \
 path \
   8F17777118A33DDA9BA48E62AACB3243630052D9 \
   CBCD8F030588653EEDD7E2659B7DD433F254904A \
   "Justus Winter <justus@sequoia-pgp.org>"