Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 454 results

SSL 2 2 0.4%
SSL 3 5 1.1%
TLS 1.0 255 56.2%
TLS 1.1 269 59.3%
TLS 1.2 450 99.1%

Grades 454 results

A 403 88.8%
B 42 9.3%
C 6 1.3%
D 0 0%
E 0 0%
F 3 0.7%
Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size Count
1024 5 1.2%
2048 259 59.8%
3072 6 1.4%
4096 163 37.6%

StartTLS

Type Client to server Server to server
Required 235 80.8% 107 65.6%
Allowed 56 19.2% 56 34.4%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

Trusted Untrusted
Valid 413 84.8% 51 10.5%
Invalid 7 1.4% 16 3.3%

SASL mechanisms 291 results

Mechanism # times offered before TLS # times offered after TLS
PLAIN 51 17.5% 286 98.3%
SCRAM-SHA-1 51 17.5% 251 86.3%
SCRAM-SHA-1-PLUS 0 0% 116 39.9%
X-OAUTH2 13 4.5% 72 24.7%
DIGEST-MD5 29 10% 61 21%
CRAM-MD5 16 5.5% 18 6.2%
JIVE-SHAREDSECRET 3 1% 3 1%
ANONYMOUS 2 0.7% 2 0.7%
EXTERNAL 1 0.3% 2 0.7%
LOGIN 0 0% 2 0.7%
SCRAM-SHA-256 1 0.3% 2 0.7%
SCRAM-SHA-224 1 0.3% 1 0.3%
SCRAM-SHA-256-PLUS 0 0% 1 0.3%
SCRAM-SHA-384 1 0.3% 1 0.3%
SCRAM-SHA-384-PLUS 0 0% 1 0.3%
SCRAM-SHA-512 1 0.3% 1 0.3%
SCRAM-SHA-512-PLUS 0 0% 1 0.3%
TIKITOKEN 1 0.3% 1 0.3%
SCRAM-SHA-224-PLUS 0 0% 1 0.3%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target Type When

Servers supporting SSL 2 2 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target Type When
komunikator.umk.pl client to server
s.ms client to server

CAs used Top 30

Name/Organization SHA1 Count
Let's Encrypt Authority X3 E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB 259
Sectigo RSA Domain Validation Secure Server CA 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB 11
Let's Encrypt Authority X3 1B:23:67:53:54:FC:AD:90:11:9D:88:07:50:15:EA:17:AD:D5:27:D8 7
COMODO RSA Domain Validation Secure Server CA 33:9C:DD:57:CF:D5:B1:41:16:9B:61:5F:F3:14:28:78:2D:1D:A6:39 4
DigiCert Baltimore CA-2 G2 A9:D5:30:02:E9:7E:00:E0:43:24:4F:3D:17:0D:6F:4C:41:41:04:FD 4
CAcert Class 3 Root AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE 2
AlphaSSL CA - SHA256 - G2 4C:27:43:17:17:56:5A:3A:07:F3:E6:D0:03:2C:42:58:94:9C:F9:EC 2
RapidSSL RSA CA 2018 98:C6:A8:DC:88:79:63:BA:3C:F9:C2:73:1C:BD:D3:F7:DE:05:AC:2D 2
Go Daddy Secure Certificate Authority - G2 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 2
localhost 03:86:16:DA:4D:22:50:4E:B5:BE:69:07:82:71:07:FA:87:8E:4E:82 1
GeoTrust RSA CA 2018 7C:CC:2A:87:E3:94:9F:20:57:2B:18:48:29:80:50:5F:A9:0C:AC:3B 1
torxmppu5u7amsed.onion DF:B4:93:B3:11:63:E9:9E:AC:4A:2F:83:62:43:4B:88:22:BA:89:0F 1
new-swankton.net A3:BF:22:D3:EE:44:6E:65:B0:F8:25:80:89:89:81:56:99:B9:7B:E7 1
ejabberd C1:8B:AF:97:16:64:64:71:DA:50:8A:1C:7E:DC:E6:E6:FA:42:4F:68 1
localhost B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83 1
ejabberd 3E:95:E9:EA:B9:72:E4:E4:AD:2B:C1:7C:07:1E:76:A0:61:72:E8:A1 1
lcp.cc C9:75:98:DB:89:22:9C:20:F3:3B:5D:36:D3:2C:7A:E9:C5:C3:28:AE 1
vms.worknit.net 33:51:CE:C4:FB:00:9D:D1:BC:D8:6C:E1:F0:04:7B:74:E9:20:3C:87 1
John Doe 4B:EB:B2:62:42:70:4B:2D:1A:A6:A6:47:F3:E5:B1:E7:54:8C:11:FD 1
Sectigo RSA Organization Validation Secure Server CA 40:CE:F3:04:6C:91:6E:D7:AE:55:7F:60:E7:68:42:82:8B:51:DE:53 1
ijeeynrc6x2uy5ob.onion 83:B6:A3:D7:27:49:75:B6:7F:8D:73:9A:9A:8C:C1:A5:A1:9F:54:77 1
Scaleway CA 33:7B:89:69:5C:74:0B:50:3B:A1:0E:0D:1A:6D:F3:CD:72:A3:DB:9A 1
live.web-connected.com EA:67:28:78:88:7A:38:5C:3A:D3:F9:9A:0F:43:3F:1C:A1:DC:42:6A 1
ZeroSSL RSA Domain Secure Site CA C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 1
Conversations CA F9:87:0B:66:B3:81:01:6F:E3:F3:F2:C4:B2:9E:3D:64:54:FA:E5:E8 1
StartCom Class 1 DV Server CA 39:8E:19:36:63:9B:A5:20:6D:F5:17:9B:FB:B7:01:09:33:96:94:00 1
p4dvd 84:57:88:65:D5:1A:F6:DD:F5:54:E8:86:3B:3F:6D:BD:00:7E:83:B0 1
RapidSSL SHA256 CA - G3 0E:34:14:18:46:E7:42:3D:37:F2:0D:C0:AB:06:C9:BB:D8:43:DC:24 1
ibroad.org B3:E2:27:29:43:2F:E4:AD:CB:12:66:CB:47:E2:B4:38:4F:14:C3:DC 1
ejabberd 40:81:98:66:81:A7:1E:B2:4F:B0:7F:23:A8:17:29:F1:52:F0:6F:6E 1

Servers using <2048-bit RSA certificates which expires after 01-01-2014 5 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target Type When Issuer
lcp.cc server to server lcp.cc
new-swankton.net server to server new-swankton.net
onfireslots.com server to server onfireslots.com
smsnextiva.com server to server *.smsnextiva.com
smsnextiva.com server to server smsnextiva.com

Servers with DNSSEC signed SRV records 112 results

Target Type When
0x4a42.net client to server
0x4a42.net server to server
404.city client to server
404.city server to server
4ept.net client to server
5222.de client to server
a3.pm client to server
adorsaz.ch client to server
adorsaz.ch server to server
alpha-labs.net client to server
anoxinon.me client to server
bastelbude.eu client to server
bastelbude.eu server to server
beherit.pl client to server
beherit.pl server to server
blug.moe client to server
bobelifx.pro client to server
brevsprekk.net client to server
core.radiosignal.net client to server
core.radiosignal.net server to server
danwin1210.me client to server
dismail.de client to server
dismail.de server to server
disroot.org client to server
emaks.net client to server
emaks.net server to server
eniehack.net client to server
erewhon.in client to server
expx.net client to server
firegore.com client to server
firegore.com server to server
gensonline.eu client to server
high-way.me client to server
hot-chilli.eu client to server
im.hot-chilli.eu client to server
im.in-ulm.de client to server
im.uchicago.edu client to server
invy.at client to server
jabb3r.de client to server
jabb3r.org client to server
jabber.5july.net client to server
jabber.at client to server
jabber.briehl.de client to server
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server
jabber.cat server to server
jabber.chaosbern.ch client to server
jabber.de client to server
jabber.eniehack.net client to server
jabber.eniehack.net server to server
jabber.eu.org client to server
jabber.eu.org server to server
jabber.fr client to server
jabber.fr server to server
jabber.hot-chilli.net client to server
jabber.no-sense.net client to server
jabber.no-sense.net server to server
jabberpl.org client to server
jabber.systemausfall.org client to server
jabber.systemli.org client to server
jabber.tcpreset.net client to server
jabber.tcpreset.net server to server
jabber.uk server to server
jarvispowered.com client to server
jarvispowered.com server to server
jeroendeneef.com client to server
jeroendeneef.com server to server
juniorjpdj.pl client to server
juniorjpdj.pl server to server
magicbroccoli.de client to server
mailbox.org client to server
mcgva.org server to server
nikel.me client to server
nixnet.xyz client to server
nlnet.nl client to server
nologs.is client to server
nologs.is server to server
null-pointer.eu client to server
null-pointer.eu server to server
nullroute.eu.org client to server
pimux.de client to server
pimux.de server to server
riseup.net client to server
riseup.net server to server
sakrum.de server to server
savemy.name client to server
skynetcloud.site client to server
skynetcloud.site server to server
snopyta.org client to server
snopyta.org server to server
suchat.org client to server
svyrydiuk.eu client to server
tegitur.com client to server
tegitur.com server to server
thehidenlibrary.xyz client to server
thehidenlibrary.xyz server to server
thesecure.biz client to server
tm-t.ca client to server
tm-t.ca server to server
trashserver.net client to server
van-donselaar.nl client to server
van-donselaar.nl server to server
void.int.eu.org client to server
void.int.eu.org server to server
waher.se client to server
wiktel.com client to server
wiktel.com server to server
wiuwiu.de client to server
xmpp.co client to server
xmpp.is client to server
xmpp.pm client to server
xmpp.pm server to server

Servers with DNSSEC signed DANE records 0 results

Target Type When

Servers with a hidden service 4 results

Target Type When
ijeeynrc6x2uy5ob.onion client to server
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server
torxmppu5u7amsed.onion client to server

Servers not offering encryption 5 results

Target Type When
72.22.64.44 client to server
alapen.com client to server
lab.pynlab.com client to server
mpro.la client to server
rutrho.ddns.net server to server

Servers sharing private keys 28 results

Target SHA256(SPKI)
sms.bekconnect.com s2s 0F:9B:65:33:CF:FA:A6:C8:51:88:7B:5D:62:08:2C:BA:9E:E6:B5:76:1B:5A:E5:C8:3E:CB:1B:3E:56:C2:29:5E
text.testxmpp.com s2s 0F:9B:65:33:CF:FA:A6:C8:51:88:7B:5D:62:08:2C:BA:9E:E6:B5:76:1B:5A:E5:C8:3E:CB:1B:3E:56:C2:29:5E
jabber.avest.by c2s 27:8C:7B:8A:D9:09:02:DA:82:0F:B7:BA:C9:87:B2:7A:7A:1C:F2:A0:C0:27:E7:72:E7:31:45:7F:54:D1:78:64
jabber.avest.org c2s 27:8C:7B:8A:D9:09:02:DA:82:0F:B7:BA:C9:87:B2:7A:7A:1C:F2:A0:C0:27:E7:72:E7:31:45:7F:54:D1:78:64
chat.mobileplus.co.id c2s 38:2F:09:AE:8E:78:BC:7B:FA:73:8F:3C:04:6B:CB:18:29:A4:9E:3C:22:E1:D8:24:DB:78:32:04:DE:B4:1D:31
mobileplus.co.id c2s 38:2F:09:AE:8E:78:BC:7B:FA:73:8F:3C:04:6B:CB:18:29:A4:9E:3C:22:E1:D8:24:DB:78:32:04:DE:B4:1D:31
mobileplus.co.id s2s 38:2F:09:AE:8E:78:BC:7B:FA:73:8F:3C:04:6B:CB:18:29:A4:9E:3C:22:E1:D8:24:DB:78:32:04:DE:B4:1D:31
hklbgd.org c2s 46:86:BC:09:19:96:FE:6C:CA:25:D2:B0:26:D3:61:6A:02:A2:5A:1F:9B:52:E4:BD:36:03:2A:0D:AB:A3:42:89
hklbgd.org s2s 46:86:BC:09:19:96:FE:6C:CA:25:D2:B0:26:D3:61:6A:02:A2:5A:1F:9B:52:E4:BD:36:03:2A:0D:AB:A3:42:89
oosm.org c2s 46:86:BC:09:19:96:FE:6C:CA:25:D2:B0:26:D3:61:6A:02:A2:5A:1F:9B:52:E4:BD:36:03:2A:0D:AB:A3:42:89
asxmpp.de c2s 51:E5:C3:72:0C:9D:1F:3B:45:95:C0:2C:95:73:62:D8:91:CE:33:1E:BD:A4:04:63:BD:08:09:13:10:02:3B:68
pizzacomhub.com c2s 51:E5:C3:72:0C:9D:1F:3B:45:95:C0:2C:95:73:62:D8:91:CE:33:1E:BD:A4:04:63:BD:08:09:13:10:02:3B:68
1jabber.com s2s 55:EC:E0:D9:28:89:F2:D4:41:CC:BB:FE:4F:1C:C7:89:4A:C1:1F:A3:7E:C5:58:DA:B4:73:64:29:06:D5:DC:50
nologs.club s2s 55:EC:E0:D9:28:89:F2:D4:41:CC:BB:FE:4F:1C:C7:89:4A:C1:1F:A3:7E:C5:58:DA:B4:73:64:29:06:D5:DC:50
verified.pm s2s 55:EC:E0:D9:28:89:F2:D4:41:CC:BB:FE:4F:1C:C7:89:4A:C1:1F:A3:7E:C5:58:DA:B4:73:64:29:06:D5:DC:50
vipclub.pm s2s 55:EC:E0:D9:28:89:F2:D4:41:CC:BB:FE:4F:1C:C7:89:4A:C1:1F:A3:7E:C5:58:DA:B4:73:64:29:06:D5:DC:50
conference.signal.videobridges.vnclagoon.com s2s 7C:76:85:25:FD:E9:98:D4:0A:D8:56:32:7D:80:DA:B8:D1:2D:58:D3:FB:4B:6C:30:99:CA:86:07:92:FF:D6:EB
signal.videobridges.vnclagoon.com c2s 7C:76:85:25:FD:E9:98:D4:0A:D8:56:32:7D:80:DA:B8:D1:2D:58:D3:FB:4B:6C:30:99:CA:86:07:92:FF:D6:EB
draugr.de c2s 9D:E8:C7:2E:58:A9:F5:18:63:BA:4A:9C:AA:9B:C3:D1:03:DF:A1:5F:00:C6:49:9A:EB:20:FB:C5:39:EB:13:6B
ubuntu-jabber.net s2s 9D:E8:C7:2E:58:A9:F5:18:63:BA:4A:9C:AA:9B:C3:D1:03:DF:A1:5F:00:C6:49:9A:EB:20:FB:C5:39:EB:13:6B
xmpp.co c2s A3:35:14:92:30:C6:D7:D0:14:E4:E1:28:06:08:DA:BC:1A:63:F7:31:7B:34:16:32:DA:F5:5A:ED:B3:9C:29:0E
xmpp.is c2s A3:35:14:92:30:C6:D7:D0:14:E4:E1:28:06:08:DA:BC:1A:63:F7:31:7B:34:16:32:DA:F5:5A:ED:B3:9C:29:0E
development.greatdating.site c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
jabber.whiteflagapp.com c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
im.apinc.org c2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
im.apinc.org s2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
jabber.fr c2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
jabber.fr s2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04