nøkkelrevokasjon

Key revocation (nøkkelrevokasjon) refers to the process of invalidating a cryptographic key before its scheduled expiration. This practice is essential in maintaining the security of systems that rely on asymmetric or symmetric keys for authentication, encryption, or digital signatures. When a key is compromised, misused, or retained longer than necessary, revocation prevents unauthorized parties from continuing to use it.

In public‑key infrastructures (PKI), key revocation is typically managed through revocation lists such as certificate revocation

Symmetric key revocation is less standardized; it often relies on key management protocols that replace keys

Legal frameworks in many jurisdictions, such as the European Union’s GDPR or industry regulations like PCI‑DSS,