This project is being done to patch a potential security flaw in our implementation of Pubcookie.
Right now the URLs "students.washington.edu/UWNetID/" and "www.students.washington.edu/UWNetID/" point to a student's web directory.
The goal is to move the UWNetID out of the directory and into the domain. This will be accomplished by changing the URL at which student web directories are accessed to "UWNetID.students.washington.edu/".
There will be redirects in place so that the old form URLs still function. In the final state, the following URLs will point to the student web directory of the user "UWNetID".
The system that will accomplish these redirects and per-user domains will also allow us to support a testing URL that will allow us to make migrations from one Operating System or major software version to another much more easily than we can now. It does this by providing an alternate domain that points to a different web server. This allows users to have a testing version of their site for development or for migrating to a new OS or program version.
This will look something like:
SSL certificates are based on domain names, so this will require a "wildcard" certificate (*.students.washington.edu). These are expensive. The UW is a Certificate Authority, so we can issue ourselves a certificate and save $$, but then people will have to isntall our certificate to use SSL on the student servers, and later on the staff servers when this change continues on to the staff/faculty/depts/courses servers.
The SIT(Security Infrastructure Team) is currently evaluating this project to determine issues like this. There will be a more final announcement when the details of this are worked out.