IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
- Previously, `sq key list` showed a different error for a certificate
in the certificate store from a certificate that is not in the
certificate store. Align these.
- Fixes#462.
- When `sq inspect` displays a PKESK, it displays the recipient key
ID. For a user of `sq`, this information is nearly useless. The
recipient is normally a subkey, and `sq` doesn't support looking
up certificates by subkey.
- Extend `sq inpsect` to look up the recipient, and display
information about the the associated certificate, if it is
available.
- This adds a mechanism to add a list of certificates presumably
owned by the user to the recipients using the `--for-self` flag.
This makes sure the encrypted message can be decrypted again.
- Fixes#461.
- User IDs have to be explicitly given, or `--all` has to be used to
select them all (this was previously the default).
- This aligns the retract subcommand with the other link and vouch
management commands.
- Fixes#442.
- Add a new paramter to `sq pki link add`, `sq pki link authorize`,
and `sq pki link retract`, `--cert-special`, which allows addressing
shadow CAs by symbolic names.
- If the shadow CA doesn't exist yet, we create it.
- This means `sq pki link authorize --cert-special keys.openpgp.org
--all --unconstrained` can be used to fully trust the
`keys.openpgp.org` key server, for instance. This is more
convenient, and especially useful for documentation.
- Fixes#337.
- Invoking it now requires the `--experimental` flag. This is a
template that we may use to introduce features into sq with a bit
of a chance to stabilize it over time.
- Fixes#455.
- Add a configuration file for sq, and sq config get to
programmatically query configuration values, and sq config template
to create a template as a starting point for a custom configuration
file.
- As a first step, the following things have been made configurable:
- The cipher suite for key generation.
- The set of keyservers.
- The cryptographic policy, which can be sourced from an external
file as well as modified inline.
- If there is no configuration file, sq config template can be used to
create a template for the user to modify.
- If a default has been overridden using the configuration file,
sq's --help output is augmented with the configured value.
- Align user ID designators across these four commands. Previously,
`--all` was implied for the authorize commands if no user ID
designator was given.
- However, this is problematic for the following reasons:
- First, it is inconsistent across the commands.
- Second, while CAs can add any name to their cert because they
are CAs, those certifications are subject to constraints, such
as domain constraints, or the amount. But, the link we add
fully authenticates the current user IDs, which may not be what
the user wants, so it should require explicit consent.
- Third, making this implicit again is easier than going from
implicit to explicit, which breaks existing users.
- Fixes#442.
