IAM in Service Catalog
This post summarizes several changes concerning the UW weblogin service.
On Tuesday, December 18, we plan to deploy a more mobile-friendly version
of the current user interface for the "weblogin" service. This update
preserves the current look-and-feel of its web design, but makes it more
responsive to the kinds of devices and browsers in use today.
To review the design go to https://webloginprodtest.cac.washington.edu.
To provide feedback and/or to test it on one of your registered Pubcookie
service provider websites, email firstname.lastname@example.org.
On Tuesday, November 13, the SSL website certificate for the weblogin
service was changed to one issued by the InCommon CA. Apologies for the
postprandial notification. We had a lot of confidence this wouldn't impact
you as customers, nor impact all of our end users. Yet, the change
surprised some folks and I plan to do better with notifications next time.
You can now use a certificate issued by the InCommon CA to authenticate
your keyclient connections to the Pubcookie keyserver. Previously, the
keyserver only trusted the UW Service CA and Thawte CA. Now you can obtain
a certificate from InCommon and use it for website SSL and with the
For folks integrating with the weblogin service using Shibboleth service
provider software, you may have received an email on November 29th
(Subject: Changes to U of Washington Shibboleth IdP) notifying registered
contacts about changes to the X.509 certificates used by the UW Shibboleth
IdP and published in the UW IdP metadata. Per the email, action may be
required by Tuesday, January 22. Please review that email if you received
it, and email questions to email@example.com with a subject line of "IdP