veyron/services/identity: Revocation caveats are issued for every identity and can be revoked from the UI.
* Discharger services run alongside the identity server.
* Revocation manager persists revocation caveat information and ability to revoke them.
* Every Identity gets issued a veryon/services/identity/revocation.RevocationCaveat with their identity.
* Adding CSRF to the revoke page will come in later CL.
* Future UI improvements (showing what has been revoked) will come in a later CL.
Change-Id: I8fbb65c5df85e5cb48ca94293569a8a0ae41f448
12 files changed
