| Yingdi Yu | 5edf97d | 2014-06-15 11:35:12 -0700 | [diff] [blame^] | 1 | ndnsec-cert-revoke |
| 2 | ================== |
| 3 | |
| 4 | ``ndnsec-cert-revoke`` is a tool to generate a certificate revocation data. |
| 5 | |
| 6 | Usage |
| 7 | ----- |
| 8 | |
| 9 | :: |
| 10 | |
| 11 | $ ndnsec-cert-revoke [-h] request |
| 12 | |
| 13 | Description |
| 14 | ----------- |
| 15 | |
| 16 | This command takes an identity ertificate as input. |
| 17 | The tool will check whether user is the issuer of the certificate (by checking whether user has the key pointed by the KeyLocator of the certificate). |
| 18 | If so, the tool will generate an empty packet named by the certificate name appended with "REVOKED" as a revocation data. |
| 19 | If user is not the issuer of the certificate, the command will return error. |
| 20 | |
| 21 | This tool generates a revocation Data. |
| 22 | It does not actually revoke a certificate. |
| 23 | How to publish and use the revocation Data is not finalized yet. |
| 24 | |
| 25 | Options |
| 26 | ------- |
| 27 | |
| 28 | ``request`` |
| 29 | request is file name of the certificate to revoke (``-`` for standard input) |
| 30 | |
| 31 | Examples |
| 32 | -------- |
| 33 | |
| 34 | :: |
| 35 | |
| 36 | $ ndnsec-cert-revoke some-cert-to-revoke.ndncert |