Citadel as a PKI in istio, for the model Citadel + mounted CA:
Does Citadel support revoking Certificate?
Does Citadel support CRL checking?
Does Citadel maintain issued certificate history? Such as based on the certificate serial number, some admin might wants to check some certificate details, while not having certificate content at hand.
Though those functionalities might not necessary for most of the usages, thus I am asking just for evaluating purpose.