Manpage logo

sq-key-userid - Manage User IDs

NAME  SYNOPSIS  DESCRIPTION  SUBCOMMANDS  sq key userid add  sq key userid revoke  EXAMPLES  sq key userid add  sq key userid revoke  SEE ALSO  VERSION 

NAME

sq−key−userid − Manage User IDs

SYNOPSIS

sq key userid add [OPTIONS]
sq key userid revoke [OPTIONS]

DESCRIPTION

Manage User IDs.

Add User IDs to a key, or revoke them.

SUBCOMMANDS

sq key userid add

Add a user ID.

A user ID can contain a name, like ‘Juliet‘, or an email address, like ‘<[email protected]>‘. Historically, a name and an email address were usually combined as a single user ID, like ‘Juliet <[email protected]>‘. However, user IDs that include different information such as name and email address are more difficult to reason about, so using distinct user IDs for name and email address is preferred nowadays.

‘sq key userid add‘ respects the reference time set by the top−level ‘−−time‘ argument. It sets the creation time of the user ID’s binding signature to the specified time.

sq key userid revoke

Revoke a user ID.

Creates a revocation certificate for a user ID.

If ‘−−revoker‘ or ‘−−revoker−file‘ is provided, then that key is used to create the revocation certificate. If that key is different from the certificate that is being revoked, this results in a third−party revocation. This is normally only useful if the owner of the certificate designated the key to be a designated revoker.

To revoke a user ID, the certificate must be valid under the current policy. If the certificate is not valid under the current policy, consider revoking the whole certificate, or fixing it using ‘sq cert lint‘ after verifying the certificate’s integrity. If the certificate is valid under the current policy, but the user ID you want to revoke isn’t, you can still revoke the user ID using ‘−−add−userid‘.

‘sq key userid revoke‘ respects the reference time set by the top−level ‘−−time‘ argument. When set, it uses the specified time instead of the current time when determining what keys are valid, and it sets the revocation certificate’s creation time to the reference time instead of the current time.

EXAMPLES

sq key userid add

# Add a new user ID to Alice’s key.

sq key userid add −−cert \

EB28F26E2739A4870ECC47726F0073F60FD0CBF0 −−name Alice \
−−email [email protected]

sq key userid revoke

Retire a user ID on Alice’s key.

sq key userid revoke −−cert \

EB28F26E2739A4870ECC47726F0073F60FD0CBF0 −−userid \
"Alice <[email protected]>" −−reason retired −−message \
"No longer at example.org."

SEE ALSO

sq(1), sq−key(1), sq−key−userid−add(1), sq−key−userid−revoke(1).

For the full documentation see <https://book.sequoia−pgp.org/>.

VERSION

1.3.1

Updated 2026-06-01 - jenkler.se | uex.se