Rework PKCS #10 sanity checking code.

svn path=/branches/tk671/; revision=5653
author: Rob Austein <sra@hactrn.net> 2014-01-29 16:22:03 +0000
committer: Rob Austein <sra@hactrn.net> 2014-01-29 16:22:03 +0000
commit: 2645eabce95e2cbca2e81339b093f457d0c3310e (patch)
tree: c102018e68d11121f1004bed3f5b95cc491faa65 /rpkid/rpki/irdb/models.py
parent: 5a007a74529766b5b27f8e054d4fad79172d2d5c (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/rpkid/rpki/irdb/models.py b/rpkid/rpki/irdb/models.py
index 3553581e..b6fc28be 100644
--- a/rpkid/rpki/irdb/models.py
+++ b/rpkid/rpki/irdb/models.py
@@ -586,7 +586,7 @@ class EECertificateRequest(ResourceSet):
 
   # At one point I had a router_id field here, but I don't think it
   # serves any real purpose.  Put it back if I remember why I thought
-  # we needed it, but the current I-D has router-id encoded in teh
+  # we needed it, but the current I-D has router-id encoded in the
   # subject name.
 
   # Need subject name field here?  It's in the PKCS #10, but then so
@@ -597,6 +597,12 @@ class EECertificateRequest(ResourceSet):
   # X.509 commonName and serialNumber if necessary, question is whether
   # this is necessary.
 
+  # Well, we need //some// way of storing the router-id, and the PKCS
+  # #10 doesn't contain a subject name, so we need an additional field.
+  # Question becomes whether user wants to control which AS is used
+  # in the router certificate's name in the rare case where there's
+  # more than one (AS aliasing, I gather).
+
   def _select_resource_bag(self):
     ee_asn = rpki.irdb.EECertificateRequestASN.objects.raw("""
         SELECT *
author	Rob Austein <sra@hactrn.net>	2014-01-29 16:22:03 +0000
committer	Rob Austein <sra@hactrn.net>	2014-01-29 16:22:03 +0000
commit	2645eabce95e2cbca2e81339b093f457d0c3310e (patch)
tree	c102018e68d11121f1004bed3f5b95cc491faa65 /rpkid/rpki/irdb/models.py
parent	5a007a74529766b5b27f8e054d4fad79172d2d5c (diff)