allow identity revocation with v1 certificate

We should make this possible