IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- Change the semantics of `sq key userid revoke --email` to use a
user ID with just the specified email address, if the email
address is part of a self-signed user ID. That is, use the
`Exact` semantics instead of the `By` semantics. For example, if
a certificate has the self-signed user ID "Alice
<alice@example.org>", then `--email alice@example.org` would have
selected "Alice <alice@example.org>" for revocation, but now it
selects "<alice@example.org>".
- Add `sq key userid revoke --userid-by-email`, which uses the
self-signed user ID with the specified email address. For
example, if a certificate has the self-signed user ID "Alice
<alice@example.org>", then `--userid-by-email alice@example.org`
selects "Alice <alice@example.org>" for revocation.
- Fixes#212.
- Change the semantics of `sq pki vouch add --email` and `sq pki
vouch authorize --email` to use a user ID with just the specified
email address, if the email address is part of a self-signed user
ID. That is, use the `Exact` semantics instead of the `By`
semantics. For example, if a certificate has the self-signed user
ID "Alice <alice@example.org>", then `--email alice@example.org`
would have selected "Alice <alice@example.org>" for certification,
but now it selects "<alice@example.org>".
- Add `sq pki vouch add --userid-by-email`, and `sq pki vouch
authorize --userid-by-email`, which use the self-signed user ID
with the specified email address. For example, if a certificate
has the self-signed user ID "Alice <alice@example.org>", then
`--userid-by-email alice@example.org` selects "Alice
<alice@example.org>" for certification.
- Fixes#212.
- Change the semantics of `sq pki authenticate --email` and `sq pki
lookup --email` to use a user ID with just the specified email
address. That is, use the `Exact` semantics instead of the `By`
semantics. For example, if a certificate has the user ID "Alice
<alice@example.org>", then `--email alice@example.org` does not
select it.
- Add `sq pki authenticate --userid-by-email`, and `sq pki lookup
--userid-by-email`, which match user IDs with the specified email
address. For example, if a certificate has the user ID "Alice
<alice@example.org>", then `--userid-by-email alice@example.org`
selects it.
- Fixes#212.
- Change the semantics of `sq pki link add --email` and `sq pki
link authorize --email` to use a user ID with just the specified
email address, if the email address is part of a self-signed user
ID. That is, use the `Exact` semantics instead of the `By`
semantics. For example, if a certificate has the self-signed user
ID "Alice <alice@example.org>", then `--email alice@example.org`
would have selected "Alice <alice@example.org>" to link, but now
it selects "<alice@example.org>".
- Add `sq pki link add --userid-by-email`, and `sq pki link
authorize --userid-by-email`, which use the self-signed user ID
with the specified email address. For example, if a certificate
has the self-signed user ID "Alice <alice@example.org>", then
`--userid-by-email alice@example.org` selects "Alice
<alice@example.org>" to link.
- Fixes#212.
- Add `sq pki path --userid-by-email`, which selects the self-signed
user ID with the specified email address. This is different from
`--email`, which simply uses the argument's value as a user ID.
- Fixes#212.
- Disable the `--name` argument from `sq key approvals list`, `sq
key approvals update`, `sq key userid revoke` and `sq pki path`,
and disable the `--add-name` argument from `sq key userid
revoke`.
- These arguments are of uncertain value. Disable them until there
is clear demand.
- Fixes#487.
- Rename `--userid-or-add`, `--email-or-add`, and `--name-or-add`
respectively to `--add-userid`, `--add-email`, and `--add-name`.
- These names more closely match their new semantics: they don't
first try and match a self-signed user ID, but just use a user ID
consisting of the argument's value.
- Rename the `Exact` designator semantics to `By`. By default, the
`By` arguments are called `--userid`, `--userid-by-email`, and
`--userid-by-name`.
- Add a new set of designators called `Exact` for the arguments
`--userid`, `--email`, and `--name`. The semantics of `Exact`
are: the value must match a self-signed user ID, however, the
returned user ID is just the value, not the matching self-signed
user ID. That is, if there is a self-signed user ID `Alice
<alice@example.org>`, `--email alice@example.org` matches and
returns the user ID `<alice@example.org>`, and `--name Alice`
returns the user ID `Alice`.
- Change the semantics of `Add` user ID designators (by default,
`--userid-or-add`, `--email-or-add`, and `--name-or-add`) so that
they just return a user ID with just the specified value. That is
`--email alice@example.org` returns the user ID
`<alice@example.org>`.
- The following commands use user ID designators and their semantics
are unchanged:
- `sq key approvals list`: Unchanged.
- `sq key approvals update`: Unchanged.
- `sq pki authenticate`: Unchanged.
- `sq pki lookup`: Unchanged.
- `sq pki path`: Unchanged.
- The following commands use user ID designators and their semantics
changed as follows:
- `sq pki link add`: `--email-or-add` had the old `Add` semantics
and now has the new `Add` semantics.
- `sq pki link authorize`: `--email-or-add` had the old `Add`
semantics and now has the new `Add` semantics.
- `sq pki link retract`: `--email` had the old `Add` semantics and
now has the new `Add` semantics.
- `sq key userid revoke`: `--email-or-add` had the old `Add` semantics and
now has the new `Add` semantics.
- `sq key vouch add`: `--email-or-add` had the old `Add` semantics and
now has the new `Add` semantics.
- `sq key vouch authorize --email-or-add` had the old `Add`
semantics and now has the new `Add` semantics.
- Don't parameterize over the arguments (e.g., `--email`) and their
semantics. Just parameterize over the semantics. For a given set
of semantics, enable all arguments (i.e., a user id, an email, and
a name variant).
- This commit does not change any arguments or their semantics.
- Change `sq pki link add`, `sq pki link authorize`, `sq pki link
retract`, `sq pki vouch add`, and `sq pki vouch authorize` to
better handle unusable user IDs matched by `--all`. Specifically,
if the user explicitly designates a user ID and we can't use it,
then fail loudly, but if a user ID is selected by `--all` and it
not usable, only emit a warning.
- Emitting the machine-readable policy configuration is not very
helpful. Instead, explain the effective policy, and how to change
it. This aligns the subcommand with the other `sq config inspect`
subcommands.
- Fixes#490.
