A Revocation Update is done whenever an issuer wants to revoke a credential. The issuer writes a new value to the Revocation Registry that removes the “serial number” of the revoked credential from the cryptographic product. Once this happens, the credential holder can no longer produce a proof of non-revocation, i.e., a proof that the credential is still valid. However, no one can look at the Revocation Registry and tell which credentials have been revoked, thus preserving privacy. Note that the credential will still reside in the holder’s digital wallet, but the holder can no longer prove it has not been revoked. Also note that a single write to a revocation registry can revoke any number of issued credentials in a single action.