summaryrefslogtreecommitdiff
path: root/man/man8
diff options
context:
space:
mode:
authorDaniel Kahn Gillmor <dkg@fifthhorseman.net>2009-02-20 12:27:01 -0500
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>2009-02-20 12:27:01 -0500
commit10888c602170f6157ff43a81bad920babdd6a59e (patch)
treed54791d162953d2761b71e1ff3ef448a6c8de315 /man/man8
parent9b47ae89c3840eb2af9a57a885e19ccbe36957d5 (diff)
monkeysphere-host revoke-key should now be capable of publishing the
revocation certificate to the keyservers directly, should the admin want that. It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In the no-prompts case, it never publishes to the keyserver, it indicates that the key was compromised, and it writes a boilerplate description to make it easy to identify this kind of certificate.
Diffstat (limited to 'man/man8')
-rw-r--r--man/man8/monkeysphere-host.814
1 files changed, 8 insertions, 6 deletions
diff --git a/man/man8/monkeysphere-host.8 b/man/man8/monkeysphere-host.8
index 2ccaaec..0a9fc1b 100644
--- a/man/man8/monkeysphere-host.8
+++ b/man/man8/monkeysphere-host.8
@@ -62,15 +62,17 @@ in place of `revoke-hostname'.
Add a revoker to the host's OpenPGP key. The key ID will be loaded
from the keyserver. A file may be loaded instead of pulling the key
from the keyserver by specifying the path to the file as the argument,
-or by specifying `-` to load from stdin. `o' may be be used in place
+or by specifying `-` to load from stdin. `r+' may be be used in place
of `add-revoker'.
.TP
.B revoke-key
-Revoke the host's OpenPGP key. This will ask you a series of
-questions, and then generate a key revocation certificate on standard
-out. If you publish this revocation certificate to the public
-keyservers, your host key will be permanently revoked. `r' may be
-used in place of `revoke-key'.
+Generate (with the option to publish) a revocation certificate for the
+host's OpenPGP key. If such a certificate is published, your host key
+will be permanently revoked. This subcommand will ask you a series of
+questions, and then generate a key revocation certificate, sending it
+to stdout. If you explicitly tell it to publish the revocation
+certificate immediately, it will send it to the public keyservers.
+USE WITH CAUTION!
.TP
.B publish-key
Publish the host's OpenPGP key to the keyserver. `p' may be used in