Provided by: sq_0.27.0-1_amd64 
NAME
revoke - Generates revocation certificates
SYNOPSIS
revoke [-h|--help] <subcommands>
DESCRIPTION
Generates revocation certificates.
A revocation certificate indicates that a certificate, a subkey, a User ID, or a signature
should not be used anymore.
A revocation certificate includes two fields, a type and a human-readable explanation,
which allows the issuer to indicate why the revocation certificate was issued. It is
important to set the type field accurately as this allows an OpenPGP implementation to
better reason about artifacts whose validity relies on the revoked object. For instance,
if a certificate is retired, it is reasonable to consider signatures that it made prior to
its retirement as still being valid. However, if a certificate's secret key material is
compromised, any signatures that it made should be considered potentially forged, as they
could have been made by an attacker and backdated.
As the intent of a revocation certificate is to stop others from using a certificate, it
is necessary to distribute the revocation certificate. One effective way to do this is to
upload the revocation certificate to a keyserver.
OPTIONS
-h, --help
Print help information
SUBCOMMANDS
revoke-certificate(1)
Revoke a certificate
revoke-subkey(1)
Revoke a subkey
revoke-userid(1)
Revoke a User ID
EXAMPLES
Revoke a certificate.
sq revoke certificate --time 20220101 --certificate juliet.pgp \
compromised "My parents went through my things, and found my backup."
Revoke a User ID.
sq revoke userid --time 20220101 --certificate juliet.pgp \
"Juliet <juliet@capuleti.it>" retired "I've left the family."
SEE ALSO
For the full documentation see <https://docs.sequoia-pgp.org/sq/>.
sq(1) sq-armor(1) sq-autocrypt(1) sq-certify(1) sq-dearmor(1) sq-decrypt(1) sq-encrypt(1)
sq-inspect(1) sq-key(1) sq-keyring(1) sq-keyserver(1) sq-packet(1)
sq-revoke-certificate(1) sq-revoke-subkey(1) sq-revoke-userid(1) sq-sign(1) sq-verify(1)
sq-wkd(1)