Updated text

Author: ronmiab

azure-local/manage/disconnected-operations-overview.md

@@ -40,7 +40,7 @@ Disconnected operations for Azure Local support the following services:
 | Azure portal                      | Delivers an Azure portal experience that's similar to Azure Public. |
 | Azure Resource Manager (ARM)      | Manage and utilize subscriptions, resource groups, ARM templates, and Azure Command-Line Interface (CLI). |
 | Role Based Access Control (RBAC)  | Implement RBAC for subscriptions and resource groups. |
-| Managed Identity                  | Access resources with Managed Identity support for user workloads. |
+| Managed Identity                  | Use **system-assigned** managed identity for resource types that support managed identity. |
 | Arc-enabled servers               | Manage VM Guests for Arc VMs on Azure Local. |
 | Arc VMs for Azure Local           | Set up and manage Windows or Linux virtual machines using the disconnected operations feature for Azure Local. |
 | Arc-enabled Kubernetes (K8s)      | Connect and manage Cloud Native Computing Foundation (CNCF) Kubernetes clusters deployed on Azure Local virtual machines, enabling unified configuration and management. |
@@ -83,7 +83,7 @@ The following table lists the requirements to successfully deploy and run discon
 | Area          | Supported system         | Use                          |
 | --------------| -------------------------| -----------------------------|
 | Identity      | Active Directory Federation Service (ADFS) on Windows Server 2022 | Lightweight Directory Access Protocol (LDAP) provides group membership and synchronization. <br><br> ADFS authenticates users to the Azure Local portal to manage disconnected operations using Open-ID Connect (OIDC). <br><br> Active Directory (AD) is required for disconnected operations. |
-| Public Key Infrastructure (PKI)   | Both Private and Public PKI are supported and required <br><br> Active Directory Certificate Services (ADCS) validated as a Private PKI solution | Issue certificates to secure Azure Local disconnected operations endpoints (TLS). |
+| Public Key Infrastructure (PKI)   |Private and Public PKIs are supported <br><br> If you use a public PKI, the certificate revocation list (CRL) endpoint must be reachable from your infrastructure. <br><br> Active Directory Certificate Services (ADCS) validated as a Private PKI solution | Issue certificates to secure Azure Local disconnected operations endpoints (TLS). |
 | Network Time Protocol (NTP) optional  | Local or Public time server | Time server synchronizes the system clock. |
 | Domain Name System (DNS)   | Any DNS server, such as DNS role on Windows Server | DNS service is required in the local network to resolve Azure Local-disconnected operations endpoints and configure ingress IPs. <br><br> When you run the appliance for disconnected operations in a connected mode, a DNS server is required to resolve Microsoft domain names for logging and telemetry. |