diff --git a/README.md b/README.md
index cca2e48e6..515be72d0 100644
--- a/README.md
+++ b/README.md
@@ -110,6 +110,10 @@ Bluetooth Low Energy mode hang the processor when trying to authenticate an encrypted kernel image after a failed attempt. Hence the target needs to be reset after an authentication failure.
+* NXP i.MX6 processor does not set the sticky bit which write protects the
+SRK_REVOKE eFuse on closed devices. This means that in the ConnectCore 6,
+key revocation is always possible, no matter the value of the Yocto macro
+TRUSTFENCE_UNLOCK_KEY_REVOCATION.
 ## Digi ConnectCore 6 SBC
diff --git a/meta-digi-dey/classes/trustfence.bbclass b/meta-digi-dey/classes/trustfence.bbclass
index c933e34ed..49aa5459d 100644
--- a/meta-digi-dey/classes/trustfence.bbclass
+++ b/meta-digi-dey/classes/trustfence.bbclass
@@ -56,6 +56,8 @@ python () {
 d.appendVar("UBOOT_EXTRA_CONF", "CONFIG_SIGN_IMAGE=y ")
 if d.getVar("TRUSTFENCE_SIGN_KEYS_PATH", True):
 d.appendVar("UBOOT_EXTRA_CONF", 'CONFIG_SIGN_KEYS_PATH=\\"%s\\" ' % d.getVar("TRUSTFENCE_SIGN_KEYS_PATH"))
+ if (d.getVar("TRUSTFENCE_UNLOCK_KEY_REVOCATION", True) == "1"):
+ d.appendVar("UBOOT_EXTRA_CONF", "CONFIG_UNLOCK_SRK_REVOKE=y ")
 if d.getVar("TRUSTFENCE_KEY_INDEX", True):
 d.appendVar("UBOOT_EXTRA_CONF", "CONFIG_KEY_INDEX=%s " % d.getVar("TRUSTFENCE_KEY_INDEX"))
 if (d.getVar("TRUSTFENCE_DEK_PATH", True) not in [None, "0"]):
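Review bot: The added `TRUSTFENCE_UNLOCK_KEY_REVOCATION` branch enables `CONFIG_UNLOCK_SRK_REVOKE=y` silently, and judging by the option name and the README note in this commit it leaves the SRK_REVOKE fuse writable on a closed device, which weakens the boot chain if it ends up in a production image by mistake. I would put a comment above the check, `# Leaves SRK_REVOKE unlocked in U-Boot; set only for images that must revoke keys.`, and log it in the branch with `bb.warn("TRUSTFENCE_UNLOCK_KEY_REVOCATION=1: SRK revocation stays unlocked")` so the setting is visible in build logs. Only the exact string "1" enables it, so any other value keeps the lock, which is the safe direction. The enclosing `python () {` function starts and ends outside the hunk, and no default for the variable is visible here.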