Package revocation provides tools to create and manage revocation caveats.
NotRevokedCaveat is used to implement revocation. It validates iff the parameter is not included in a list of blacklisted values.
The third-party discharging service checks this revocation caveat against a database of blacklisted (revoked) keys before issuing a discharge.
RevocationManager persists information for revocation caveats to provided discharges and allow for future revocations. nolint:golint // API change required.
NewRevocationManager returns a RevocationManager that persists information about revocationCaveats in a SQL database and allows for revocation and caveat creation. This function can only be called once because of the use of global variables.