Keystone server no longer supports PKI/PKIZ. This change removes
keystonemiddleware's support of PKI/PKIZ and associated code.
Change-Id: I9a6639a2aa3774be61972d57f38220f66fd5c0e8
closes-bug: #1649735
partial-bug: #1736985
If the revocation list includes audit_ids, then when doing offline
validation also validate the token isn't revoked by audit_id.
Closes-Bug: 1490804
Change-Id: I483bc57bd38eb81a0905bcaf94e4ea82604919d6