Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 415 results

SSL 2 0 0%
SSL 3 4 1%
TLS 1.0 133 32%
TLS 1.1 140 33.7%
TLS 1.2 415 100%

Grades 415 results

A 384 92.5%
B 27 6.5%
C 5 1.2%
D 0 0%
E 0 0%
F 0 0%
Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size Count
2048 255 66.6%
3072 2 0.5%
4096 126 32.9%

StartTLS

Type Client to server Server to server
Required 247 87% 86 65.6%
Allowed 37 13% 45 34.4%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

Trusted Untrusted
Valid 122 26.8% 321 70.4%
Invalid 4 0.9% 9 2%

SASL mechanisms 284 results

Mechanism # times offered before TLS # times offered after TLS
PLAIN 37 13% 281 98.9%
SCRAM-SHA-1 39 13.7% 243 85.6%
SCRAM-SHA-1-PLUS 0 0% 181 63.7%
X-OAUTH2 8 2.8% 72 25.4%
DIGEST-MD5 25 8.8% 50 17.6%
SCRAM-SHA-512-PLUS 0 0% 28 9.9%
SCRAM-SHA-512 2 0.7% 28 9.9%
SCRAM-SHA-256-PLUS 0 0% 28 9.9%
SCRAM-SHA-256 2 0.7% 28 9.9%
CRAM-MD5 16 5.6% 17 6%
JIVE-SHAREDSECRET 6 2.1% 6 2.1%
ANONYMOUS 4 1.4% 4 1.4%
PADE 3 1.1% 3 1.1%
SCRAM-SHA-384 1 0.4% 2 0.7%
TIKITOKEN 2 0.7% 2 0.7%
SCRAM-SHA-384-PLUS 0 0% 2 0.7%
NTLM 1 0.4% 1 0.4%
LOGIN 0 0% 1 0.4%
X-GOOGLE-TOKEN 1 0.4% 1 0.4%
CAS 1 0.4% 1 0.4%
EXTERNAL 0 0% 1 0.4%
SCRAM-SHA-224 1 0.4% 1 0.4%
SCRAM-SHA-224-PLUS 0 0% 1 0.4%
CISCO-VTG-TOKEN 0 0% 1 0.4%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target Type When

Servers supporting SSL 2 0 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target Type When

CAs used Top 30

Name/Organization SHA1 Count
R3 A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05 256
Sectigo RSA Domain Validation Secure Server CA 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB 7
ZeroSSL RSA Domain Secure Site CA C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 6
Go Daddy Secure Certificate Authority - G2 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 4
E1 09:1E:8E:A1:B2:56:A3:12:96:2A:F6:C1:40:C0:FB:F0:79:A4:07:B3 3
ZeroSSL ECC Domain Secure Site CA 7F:95:27:6D:49:51:49:9F:D7:56:DF:34:4A:A2:4F:B3:8C:EA:F6:78 2
GEANT OV RSA CA 4 C2:82:6E:26:6D:74:05:D3:4E:F8:97:62:63:6A:E4:B3:6E:86:CB:5E 2
Let's Encrypt Authority X3 E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB 2
Thawte TLS RSA CA G1 C9:FE:FC:76:3D:95:48:B4:87:69:6F:04:7A:CB:A0:AB:E4:5C:7B:C1 1
localhost B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83 1
kod.de24.cn A8:13:59:3F:22:85:12:3E:44:D5:7A:E6:AC:34:51:14:CB:90:A4:CA 1
maledictium.ddns.net 58:89:25:38:BC:5C:B6:B9:F1:30:B3:CB:42:40:95:1F:D6:6F:5E:E9 1
Fraunhofer Service CA - G02 52:5D:93:4C:22:9B:60:89:44:49:69:F4:9B:D4:48:83:BD:0C:44:26 1
Conversations CA F9:87:0B:66:B3:81:01:6F:E3:F3:F2:C4:B2:9E:3D:64:54:FA:E5:E8 1
AlphaSSL CA - SHA256 - G2 4C:27:43:17:17:56:5A:3A:07:F3:E6:D0:03:2C:42:58:94:9C:F9:EC 1
flo-server.eu BE:24:C5:53:FB:F5:80:3F:3C:64:85:0C:03:40:2C:2A:51:6F:D7:A5 1
E-Kehat-Ru 8C:7C:F9:14:B1:1F:33:E0:3D:B2:0C:61:68:46:F7:5F:88:A1:D9:53 1
45.67.221.244 66:83:BF:71:BE:3D:C6:8F:B0:32:B7:11:3D:11:68:1F:07:AE:29:55 1
reckless.network 28:2A:7A:58:DC:75:E2:CD:6D:7C:79:59:EE:A4:CC:A7:6E:9E:2C:C9 1
reckless.chat 02:20:84:01:BC:C7:D3:C4:AD:1B:56:12:ED:43:C8:D6:39:6B:6F:BA 1
habarkost.ru C9:20:9D:1F:63:A3:35:EF:C9:7B:C9:01:8A:D0:85:4E:27:AE:F0:45 1
Thawte RSA CA 2018 4D:EE:A7:06:0D:80:BA:BF:16:43:B4:E0:F0:10:4C:82:99:50:75:B7 1
fetecs.cmes.com.tw 4B:86:11:C2:4F:AF:71:DA:FD:68:56:5F:AD:CE:BA:7A:82:EA:EE:CD 1
ejabberd E6:2B:50:58:F1:ED:74:35:DA:15:FE:76:CA:8C:C1:04:D0:94:79:DA 1
certifier.org BB:67:59:59:D7:6A:D4:7E:D1:96:77:04:15:4D:55:BA:B1:E3:41:A4 1
Encryption Everywhere DV TLS CA - G1 59:4F:2D:D1:03:52:C2:36:01:38:EE:35:AA:90:6F:97:3A:A3:0B:D3 1
R3 48:50:4E:97:4C:0D:AC:5B:5C:D4:76:C8:20:22:74:B2:4C:8C:71:72 1
Starfield Secure Certificate Authority - G2 7E:DC:37:6D:CF:D4:5E:6D:DF:08:2C:16:0D:F6:AC:21:83:5B:95:D4 1
xmpp.svtux.fr 3E:55:DB:7B:52:27:75:12:72:C5:DD:03:27:7A:1A:6F:B4:67:57:4A 1
vps662801.ovh.net 42:81:C8:A7:96:DC:F2:51:CA:1D:22:4B:A5:3B:B4:A3:62:F0:60:47 1

Servers using <2048-bit RSA certificates which expires after 01-01-2014 0 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target Type When Issuer

Servers with DNSSEC signed SRV records 114 results

Target Type When
1337.lgbt client to server
404.city client to server
404.city server to server
4ept.net client to server
5222.de client to server
5222.de server to server
a3.pm client to server
anakojm.net client to server
anakojm.net server to server
annexify.com client to server
annexify.com server to server
asteride.xyz server to server
ba30.eu client to server
berdaguermontes.eu client to server
bgjmpt.eu client to server
bignet.bid client to server
cheogram.com server to server
critiq.one client to server
critiq.one server to server
d10si2p.net client to server
danwin1210.de client to server
danwin1210.de server to server
danwin1210.me client to server
deimos.hackerheaven.org client to server
deimos.hackerheaven.org server to server
dismail.de client to server
disroot.org client to server
elcentral.de client to server
eu.prod.push.monal-im.org server to server
gajim.org server to server
hlpnet.dk client to server
hookipa.net client to server
invy.at client to server
invy.at server to server
istoph.de client to server
jabb3r.de client to server
jabb3r.org client to server
jabber.5july.net client to server
jabber.absturztau.be client to server
jabber.absturztau.be server to server
jabber.am server to server
jabber.at client to server
jabber.at server to server
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server
jabber.de client to server
jabber.fr client to server
jabber.hot-chilli.eu client to server
jabber.hot-chilli.net client to server
jabber.isc.org client to server
jabber.systemli.org client to server
jabber.systemli.org server to server
jabber.sytes24.pl client to server
jid.pl client to server
jx-stack.xyz client to server
lightmycloud.com client to server
lightwitch.org client to server
lltodd.family client to server
loves.reisen client to server
magicbroccoli.de client to server
magicum.net client to server
mailbox.org client to server
mastodont.cat client to server
mi2bz.com client to server
mi2bz.com server to server
miharu.dedyn.io client to server
miharu.dedyn.io server to server
mii.ovh client to server
monicz.pl client to server
monicz.pl server to server
monocles.de client to server
monocles.de server to server
monocles.eu client to server
mrakonet.cz client to server
nigma.city server to server
nixnet.services client to server
nixnet.services server to server
packetizer.com client to server
parloteo.es client to server
pimux.de client to server
psifactor.pl server to server
pywy.fr client to server
quickbloom.fun client to server
quickbloom.fun server to server
rm3811.net client to server
rm3811.net server to server
skrep.eu client to server
skynetcloud.site client to server
skynetcloud.site server to server
snikket.eu client to server
snikket.eu server to server
snopyta.org client to server
spelt.io client to server
spelt.io server to server
suchat.org client to server
suchat.org server to server
texto-plano.xyz client to server
texto-plano.xyz server to server
thesecure.biz client to server
thesecure.biz server to server
thfree.ru client to server
thfree.ru server to server
trashserver.net client to server
trashserver.net server to server
uniqsys.eu client to server
wasscher.com client to server
wasscher.com server to server
wensley.org.uk server to server
wiuwiu.de client to server
wiuwiu.de server to server
xmpp.co client to server
xmpp.is client to server
xmpp.tzo.pl client to server
xmpp.tzo.pl server to server

Servers with DNSSEC signed DANE records 36 results

Target Type When
5222.de client to server
5222.de server to server
callways.de client to server
callways.de server to server
danwin1210.de client to server
danwin1210.de server to server
dismail.de client to server
hookipa.net client to server
jabb3r.de client to server
jabb3r.org client to server
jabber.at client to server
jabber.at server to server
jabber.calyxinstitute.org client to server
jabber.hot-chilli.eu client to server
jabber.hot-chilli.net client to server
jabber.isc.org client to server
jabber.systemli.org client to server
jabber.systemli.org server to server
jabber.sytes24.pl client to server
lightwitch.org client to server
mailbox.org client to server
monocles.de client to server
monocles.de server to server
monocles.eu client to server
skynetcloud.site client to server
skynetcloud.site server to server
suchat.org client to server
suchat.org server to server
thfree.ru client to server
thfree.ru server to server
uniqsys.eu client to server
wensley.org.uk server to server
wiuwiu.de client to server
wiuwiu.de server to server
yax.im client to server
yax.im server to server

Servers with a hidden service 1 results

Target Type When
jabber.calyxinstitute.org client to server

Servers not offering encryption 0 results

Target Type When

Servers sharing private keys 29 results

Target SHA256(SPKI)
chat.pemlex.de c2s 03:C6:93:19:FF:78:D5:FB:FD:AA:10:5D:59:21:50:2E:E0:1B:E0:69:B7:0C:03:F9:BC:2E:BA:DC:3B:C8:D0:75
pemlex.de c2s 03:C6:93:19:FF:78:D5:FB:FD:AA:10:5D:59:21:50:2E:E0:1B:E0:69:B7:0C:03:F9:BC:2E:BA:DC:3B:C8:D0:75
igniterealtime.org c2s 34:37:E3:9F:45:8D:2C:2A:D7:78:22:77:C7:22:1F:36:FF:E7:FC:1B:EC:02:CD:77:92:65:2B:71:B2:2C:8D:24
xmpp.igniterealtime.org c2s 34:37:E3:9F:45:8D:2C:2A:D7:78:22:77:C7:22:1F:36:FF:E7:FC:1B:EC:02:CD:77:92:65:2B:71:B2:2C:8D:24
monocles.de c2s 35:D7:A2:DD:D6:E9:4A:98:08:54:BD:E7:64:94:63:F0:73:AC:3D:DC:C3:65:9C:6E:CD:EF:00:DF:4B:4F:D4:DC
monocles.de s2s 35:D7:A2:DD:D6:E9:4A:98:08:54:BD:E7:64:94:63:F0:73:AC:3D:DC:C3:65:9C:6E:CD:EF:00:DF:4B:4F:D4:DC
monocles.eu c2s 35:D7:A2:DD:D6:E9:4A:98:08:54:BD:E7:64:94:63:F0:73:AC:3D:DC:C3:65:9C:6E:CD:EF:00:DF:4B:4F:D4:DC
pix-art.de c2s 62:97:24:7A:15:FB:87:EE:49:E5:D3:F3:42:FC:52:42:59:99:BD:EE:AF:5E:D9:A9:74:1C:2B:E0:83:D5:CA:ED
pix-art.de s2s 62:97:24:7A:15:FB:87:EE:49:E5:D3:F3:42:FC:52:42:59:99:BD:EE:AF:5E:D9:A9:74:1C:2B:E0:83:D5:CA:ED
push.pix-art.de s2s 62:97:24:7A:15:FB:87:EE:49:E5:D3:F3:42:FC:52:42:59:99:BD:EE:AF:5E:D9:A9:74:1C:2B:E0:83:D5:CA:ED
144.91.64.224 c2s 7A:CC:5D:08:24:11:5C:98:AF:52:10:AC:33:91:76:FE:35:DD:85:AD:C1:55:F5:42:DA:D6:77:D0:37:6B:EC:23
flo-server.eu c2s 7A:CC:5D:08:24:11:5C:98:AF:52:10:AC:33:91:76:FE:35:DD:85:AD:C1:55:F5:42:DA:D6:77:D0:37:6B:EC:23
xmpp.co c2s 82:FE:75:7C:22:C7:DE:D8:FF:EC:B3:16:3C:B2:A6:F4:9A:AA:41:9A:4A:13:FC:20:FC:BC:E1:0C:3D:6B:CF:63
xmpp.is c2s 82:FE:75:7C:22:C7:DE:D8:FF:EC:B3:16:3C:B2:A6:F4:9A:AA:41:9A:4A:13:FC:20:FC:BC:E1:0C:3D:6B:CF:63
xmpp-stg.way2cloud.gocurb.com c2s 9D:E0:FC:6B:A6:3A:B3:7D:0D:65:F7:66:25:AB:58:79:D4:99:8F:64:F5:22:62:F0:00:B9:F5:54:AF:DA:96:A3
xmpp.way2cloud.gocurb.com c2s 9D:E0:FC:6B:A6:3A:B3:7D:0D:65:F7:66:25:AB:58:79:D4:99:8F:64:F5:22:62:F0:00:B9:F5:54:AF:DA:96:A3
34.230.131.18 c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
asgard9.ddns.net c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
omemo.im s2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
01337.io c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
01337.ru c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
0day.im c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
0day.la c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
darknet.im c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
darknet.im s2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
hell.la c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
shadownet.su c2s F1:50:B4:0F:DF:68:71:F0:6C:FB:42:E4:DC:6A:77:7F:D1:ED:C1:2B:6A:A2:B0:8C:A2:B7:05:47:B3:7B:60:4B
sure.im c2s F7:2F:F4:F7:62:76:68:CB:FB:92:E9:D1:4C:FF:54:DF:3C:7C:27:47:5B:BD:56:FB:A3:E0:21:3C:2F:47:60:8C
tigase.im c2s F7:2F:F4:F7:62:76:68:CB:FB:92:E9:D1:4C:FF:54:DF:3C:7C:27:47:5B:BD:56:FB:A3:E0:21:3C:2F:47:60:8C