Rework PKCS #10 sanity checking code.

svn path=/branches/tk671/; revision=5653

2 files changed, 8 insertions, 2 deletions

diff --git a/rpkid/rpki/irdb/models.py b/rpkid/rpki/irdb/models.py
index 3553581e..b6fc28be 100644
--- a/rpkid/rpki/irdb/models.py
+++ b/rpkid/rpki/irdb/models.py
@@ -586,7 +586,7 @@ class EECertificateRequest(ResourceSet):
 
   # At one point I had a router_id field here, but I don't think it
   # serves any real purpose.  Put it back if I remember why I thought
-  # we needed it, but the current I-D has router-id encoded in teh
+  # we needed it, but the current I-D has router-id encoded in the
   # subject name.
 
   # Need subject name field here?  It's in the PKCS #10, but then so
@@ -597,6 +597,12 @@ class EECertificateRequest(ResourceSet):
   # X.509 commonName and serialNumber if necessary, question is whether
   # this is necessary.
 
+  # Well, we need //some// way of storing the router-id, and the PKCS
+  # #10 doesn't contain a subject name, so we need an additional field.
+  # Question becomes whether user wants to control which AS is used
+  # in the router certificate's name in the rare case where there's
+  # more than one (AS aliasing, I gather).
+
   def _select_resource_bag(self):
     ee_asn = rpki.irdb.EECertificateRequestASN.objects.raw("""
         SELECT *
diff --git a/rpkid/rpki/irdb/zookeeper.py b/rpkid/rpki/irdb/zookeeper.py
index 6c7d2206..97e56d5a 100644
--- a/rpkid/rpki/irdb/zookeeper.py
+++ b/rpkid/rpki/irdb/zookeeper.py
@@ -1600,7 +1600,7 @@ class Zookeeper(object):
     .load_asns() and .load_prefixes() for other strategies.
     """
 
-    pkcs10.check_valid_rpki(kind = kind)
+    pkcs10.check_valid_request_ee(kind = kind)
     ee_request = self.resource_ca.ee_certificate_requests.create(
       pkcs10      = pkcs10,
       gski        = pkcs10.gSKI(),