This Method invalidates the current and all future keys of this SecurityGroup. The keys will be replaced by new keys; indicated by a new current SecurityTokenId. The new current SecurityTokenId shall be incremented beyond the SecurityTokenId of the last invalidated future key.

If the SecurityGroup is related to one or more PubSubKeyPushTargets, the SKS shall push the new set of keys to all related PubSubKeyPushTargets.

The Client shall be authorized to modify the configuration for the SKS functionality and shall use at least a signed communication channel when invoking this Method on the Server.

Signature

InvalidateKeys ();

Method Result Codes

ResultCode

Description

Bad_UserAccessDenied

The Session user is not allowed invalidate the keys on this SecurityGroup.

Bad_SecurityModeInsufficient

The communication channel is not using signing.

Table 214 specifies the AddressSpace representation for the InvalidateKeys Method.

Table 214 – InvalidateKeys Method AddressSpace definition

Attribute

Value

BrowseName

InvalidateKeys

ConformanceUnits

PubSub Model SKS