IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- `sq pki link add` has a positional argument for specifying a user
ID directly or by email address. Remove it in favor of the named
arguments, `--userid` and `--email`.
- See #318.
- `sq pki certify` and `sq pki authorize` are for creating
third-party certifications.
- Error out if the certifier is the same as the certificate being
certified.
- Add a new type, `UserIDDesignators`, which can be flattened into a
clap subcommand, and exposes one or more user ID designator
arguments (`--userid`, `--email`), and an optional `--add-userid`
flag.
- Change `sq pki certify` and `sq pki authorize` to use it.
- Previously `sq pki certify` could create certifications, and mark
a certificate as a trusted introducer (when the user set `--depth`
to be greater than zero). Anecdotal evidence indicates that
combining these two actions in a single command is confusing.
- Split the latter functionality off, and put it in a new subcommand,
`sq pki authorize`.
- See https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/249#note_1865470753
- Reorder `sq pki certify`'s arguments so that they appear in a more
logical order when reading `--help` (required arguments first,
then grouped and approximately ordered by how often they are
likely to be used).
- `sq pki certify` uses a positional argument to specify the
certificate to certify. Change it to be a named argument, either
`--cert`, or `--cert-file`.
- See #318.
- Rename the `CertDesignators`'s generic type `Options` to
`Arguments` and add a generic type `Options`.
- Define two options, `OneValue`, and `OptionalValue`.
- When creating an argument group make the group required by
default (i.e., at least one argument from the group must be given).
If `OneValue` is set, disallow more than one value. If
`OptionalValue` is set, allow zero values.
- `sq pki certify` uses a positional argument to specify the user
ID to certify. Change it to be a named argument, either
`--userid`, or `--email`.
- This changes the meaning of `--email` from a flag that changes how
`--userid` interprets its argument, to an argument.
- This also allows multiple user IDs to be specified at once.
- See #318.
- Pull similar functionality out of the implementation of `sq pki
certify`, `sq pki link add`, and `sq pki link retract`, and put it
in a new module, `common::pki::certify`.
- This slightly changes the human readable output.
- `active_certification` takes a fingerprint, and looks up the
corresponding certificate in the certificate store. But, all
callers already have the certificate. Avoid a lookup by taking a
reference to the certificate.
- Instead of producing a free-form string, add a
`std::process::Command`-inspired framework for command hints.
- There are three benefits: First, we can provide robust quoting.
Then, we can validate sq invocations using the CLI parser.
Finally, we can nicely wrap the hints.
- Also list the found certificates when writing to a file.
- Emphasize that the results are not to be trusted by saying that
the are related to the query.
- See #296.
- Rename `sq network fetch` to `sq network search` to emphasize that
this is key discovery, and may return related or even wrong results.
Likewise for the key server, WKD, and DANE methods.
- See #296.
- When importing keys, also print whether the key or cert component
was unchanged, new, or updated, and also print cert import stats:
% sq key import test-modified.key
Imported CDBDAC59F236D281AAE839E923B926148F77F86F
test@example.org (UNAUTHENTICATED) from test-modified.key: key
unchanged, cert updated
Imported 0 new keys, updated 0 keys, 1 key unchanged, 0 errors.
Imported 0 new certificates, updated 1 certificate,
0 certificates unchanged, 0 errors.
- By being more consistent in our output, and more explicit about
what is happening and the distinction between key and cert, this
will hopefully be less confusing.
- Fixes#256.