IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- This didn't do what it said on the tin (it said to skip expired
certs, but Cert::with_policy doesn't care about expiration).
Further, asking to publish a cert that doesn't have a user ID in
that domain should probably just be an error.
- Previously, the now removed `sq network wkd generate` command also
had a `--skip` flag, but the replacement `sq network wkd publish`
never had that flag.
- Fixes#371.
- `sq pki link authorize` certifies all self-signed user IDs when
no user IDs are provided. Add a test that checks that it silently
ignores invalid self-signed user IDs (e.g., revoked user IDs) in
this case.
- `sq pki vouch authorize` certifies all self-signed user IDs when
no user IDs are provided. Change it to silently ignore invalid
self-signed user IDs (e.g., revoked user IDs) in this case.
- Split authorization functionality out of `sq pki link add` into a
new command, `sq pki link authorize`.
- Align `sq pki link authorize`'s arguments with `sq pki authorize`
arguments.
- Reorder `sq pki link add`'s arguments so that they appear in a more
logical order when reading `--help` (required arguments first,
then grouped and approximately ordered by how often they are
likely to be used).
- `UserIDDesignators::resolve` required the `--add-userid` option be
present to designate a non-self-signed user ID.
- Relax this requirement if the `--add-userid` option is not
enabled.
- Align how user IDs are specified using `sq pki link add` with `sq
pki certify`. Specifically, add a `--add-userid` argument and
remove the `--petname` argument.
- `sq pki link retract` has a positional argument for specifying a user
ID directly or by email address. Remove it in favor of the named
arguments, `--userid` and `--email`.
- See #318.
- `sq pki link add` has a positional argument for specifying a user
ID directly or by email address. Remove it in favor of the named
arguments, `--userid` and `--email`.
- See #318.
- `sq pki certify` and `sq pki authorize` are for creating
third-party certifications.
- Error out if the certifier is the same as the certificate being
certified.
- Add a new type, `UserIDDesignators`, which can be flattened into a
clap subcommand, and exposes one or more user ID designator
arguments (`--userid`, `--email`), and an optional `--add-userid`
flag.
- Change `sq pki certify` and `sq pki authorize` to use it.
- Previously `sq pki certify` could create certifications, and mark
a certificate as a trusted introducer (when the user set `--depth`
to be greater than zero). Anecdotal evidence indicates that
combining these two actions in a single command is confusing.
- Split the latter functionality off, and put it in a new subcommand,
`sq pki authorize`.
- See https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/249#note_1865470753
- Reorder `sq pki certify`'s arguments so that they appear in a more
logical order when reading `--help` (required arguments first,
then grouped and approximately ordered by how often they are
likely to be used).
- `sq pki certify` uses a positional argument to specify the
certificate to certify. Change it to be a named argument, either
`--cert`, or `--cert-file`.
- See #318.
- Rename the `CertDesignators`'s generic type `Options` to
`Arguments` and add a generic type `Options`.
- Define two options, `OneValue`, and `OptionalValue`.
- When creating an argument group make the group required by
default (i.e., at least one argument from the group must be given).
If `OneValue` is set, disallow more than one value. If
`OptionalValue` is set, allow zero values.
- `sq pki certify` uses a positional argument to specify the user
ID to certify. Change it to be a named argument, either
`--userid`, or `--email`.
- This changes the meaning of `--email` from a flag that changes how
`--userid` interprets its argument, to an argument.
- This also allows multiple user IDs to be specified at once.
- See #318.
- Pull similar functionality out of the implementation of `sq pki
certify`, `sq pki link add`, and `sq pki link retract`, and put it
in a new module, `common::pki::certify`.
- This slightly changes the human readable output.
- `active_certification` takes a fingerprint, and looks up the
corresponding certificate in the certificate store. But, all
callers already have the certificate. Avoid a lookup by taking a
reference to the certificate.
