revocation certificate to the keyservers directly, should the admin
want that.
It can also run without prompting, if MONKEYSPHERE_PROMPT=false. In
the no-prompts case, it never publishes to the keyserver, it indicates
that the key was compromised, and it writes a boilerplate description
to make it easy to identify this kind of certificate.