diff options
author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-02-20 12:27:01 -0500 |
---|---|---|
committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-02-20 12:27:01 -0500 |
commit | 10888c602170f6157ff43a81bad920babdd6a59e (patch) | |
tree | d54791d162953d2761b71e1ff3ef448a6c8de315 /man/man8 | |
parent | 9b47ae89c3840eb2af9a57a885e19ccbe36957d5 (diff) |
monkeysphere-host revoke-key should now be capable of publishing the
revocation certificate to the keyservers directly, should the admin
want that.
It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In
the no-prompts case, it never publishes to the keyserver, it indicates
that the key was compromised, and it writes a boilerplate description
to make it easy to identify this kind of certificate.
Diffstat (limited to 'man/man8')
-rw-r--r-- | man/man8/monkeysphere-host.8 | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/man/man8/monkeysphere-host.8 b/man/man8/monkeysphere-host.8 index 2ccaaec..0a9fc1b 100644 --- a/man/man8/monkeysphere-host.8 +++ b/man/man8/monkeysphere-host.8 @@ -62,15 +62,17 @@ in place of `revoke-hostname'. Add a revoker to the host's OpenPGP key. The key ID will be loaded from the keyserver. A file may be loaded instead of pulling the key from the keyserver by specifying the path to the file as the argument, -or by specifying `-` to load from stdin. `o' may be be used in place +or by specifying `-` to load from stdin. `r+' may be be used in place of `add-revoker'. .TP .B revoke-key -Revoke the host's OpenPGP key. This will ask you a series of -questions, and then generate a key revocation certificate on standard -out. If you publish this revocation certificate to the public -keyservers, your host key will be permanently revoked. `r' may be -used in place of `revoke-key'. +Generate (with the option to publish) a revocation certificate for the +host's OpenPGP key. If such a certificate is published, your host key +will be permanently revoked. This subcommand will ask you a series of +questions, and then generate a key revocation certificate, sending it +to stdout. If you explicitly tell it to publish the revocation +certificate immediately, it will send it to the public keyservers. +USE WITH CAUTION! .TP .B publish-key Publish the host's OpenPGP key to the keyserver. `p' may be used in |