Provided by: sq_0.27.0-1_amd64
NAME
revoke - Generates revocation certificates
SYNOPSIS
revoke [-h|--help] <subcommands>
DESCRIPTION
Generates revocation certificates. A revocation certificate indicates that a certificate, a subkey, a User ID, or a signature should not be used anymore. A revocation certificate includes two fields, a type and a human-readable explanation, which allows the issuer to indicate why the revocation certificate was issued. It is important to set the type field accurately as this allows an OpenPGP implementation to better reason about artifacts whose validity relies on the revoked object. For instance, if a certificate is retired, it is reasonable to consider signatures that it made prior to its retirement as still being valid. However, if a certificate's secret key material is compromised, any signatures that it made should be considered potentially forged, as they could have been made by an attacker and backdated. As the intent of a revocation certificate is to stop others from using a certificate, it is necessary to distribute the revocation certificate. One effective way to do this is to upload the revocation certificate to a keyserver.
OPTIONS
-h, --help Print help information
SUBCOMMANDS
revoke-certificate(1) Revoke a certificate revoke-subkey(1) Revoke a subkey revoke-userid(1) Revoke a User ID
EXAMPLES
Revoke a certificate. sq revoke certificate --time 20220101 --certificate juliet.pgp \ compromised "My parents went through my things, and found my backup." Revoke a User ID. sq revoke userid --time 20220101 --certificate juliet.pgp \ "Juliet <juliet@capuleti.it>" retired "I've left the family."
SEE ALSO
For the full documentation see <https://docs.sequoia-pgp.org/sq/>. sq(1) sq-armor(1) sq-autocrypt(1) sq-certify(1) sq-dearmor(1) sq-decrypt(1) sq-encrypt(1) sq-inspect(1) sq-key(1) sq-keyring(1) sq-keyserver(1) sq-packet(1) sq-revoke-certificate(1) sq-revoke-subkey(1) sq-revoke-userid(1) sq-sign(1) sq-verify(1) sq-wkd(1)