Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 612 results

SSL 2 0 0%
SSL 3 4 0.7%
TLS 1.0 238 38.9%
TLS 1.1 272 44.4%
TLS 1.2 607 99.2%

Grades 612 results

A 553 90.4%
B 51 8.3%
C 8 1.3%
D 0 0%
E 0 0%
F 0 0%
Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size Count
1024 4 0.7%
2048 380 63.8%
3072 9 1.5%
4096 203 34.1%

StartTLS

Type Client to server Server to server
Required 329 84.6% 161 71.9%
Allowed 60 15.4% 63 28.1%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

Trusted Untrusted
Valid 595 89.1% 40 6%
Invalid 6 0.9% 27 4%

SASL mechanisms 388 results

Mechanism # times offered before TLS # times offered after TLS
PLAIN 61 15.7% 380 97.9%
SCRAM-SHA-1 60 15.5% 326 84%
SCRAM-SHA-1-PLUS 0 0% 196 50.5%
X-OAUTH2 19 4.9% 86 22.2%
DIGEST-MD5 43 11.1% 77 19.8%
SCRAM-SHA-512-PLUS 0 0% 24 6.2%
SCRAM-SHA-512 1 0.3% 24 6.2%
SCRAM-SHA-256 1 0.3% 23 5.9%
CRAM-MD5 23 5.9% 23 5.9%
SCRAM-SHA-256-PLUS 0 0% 22 5.7%
ANONYMOUS 8 2.1% 9 2.3%
EXTERNAL 0 0% 7 1.8%
JIVE-SHAREDSECRET 3 0.8% 3 0.8%
X-GOOGLE-TOKEN 3 0.8% 3 0.8%
NTLM 2 0.5% 2 0.5%
OFMEET 1 0.3% 1 0.3%
MAX-PLAIN 1 0.3% 1 0.3%
X-OAUTH 1 0.3% 1 0.3%
SCRAM-SHA-384-PLUS 0 0% 1 0.3%
CISCO-VTG-TOKEN 0 0% 1 0.3%
OAUTHBEARER 0 0% 1 0.3%
SCRAM-SHA-384 0 0% 1 0.3%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target Type When

Servers supporting SSL 2 0 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target Type When

CAs used Top 30

Name/Organization SHA1 Count
R3 48:50:4E:97:4C:0D:AC:5B:5C:D4:76:C8:20:22:74:B2:4C:8C:71:72 231
Let's Encrypt Authority X3 E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB 119
Sectigo RSA Domain Validation Secure Server CA 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB 9
DFN-Verein Global Issuing CA C9:DC:B0:47:AC:8C:5F:09:05:ED:77:52:8C:BD:4B:84:D9:46:3C:45 6
R3 A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05 5
GTS CA 1O1 DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2 4
Go Daddy Secure Certificate Authority - G2 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 2
Encryption Everywhere DV TLS CA - G1 59:4F:2D:D1:03:52:C2:36:01:38:EE:35:AA:90:6F:97:3A:A3:0B:D3 2
SwissSign Server Gold CA 2014 - G22 AD:F2:89:73:16:71:8B:45:25:CE:37:00:82:D9:F1:23:D4:93:8F:98 1
groupware7.clearbearing.com AB:57:1A:23:60:C9:5C:D4:2F:07:81:CC:42:D3:A3:BE:53:D1:68:E6 1
GeoTrust EV RSA CA 2018 A3:99:04:64:17:B6:7E:32:0D:3E:FA:69:D7:DC:E6:B8:BF:E8:A9:F2 1
COMODO RSA Domain Validation Secure Server CA 33:9C:DD:57:CF:D5:B1:41:16:9B:61:5F:F3:14:28:78:2D:1D:A6:39 1
*.ios.sozialstation.chat 00:0E:9C:ED:8A:0A:AD:44:75:62:17:40:BB:77:F5:74:79:A0:16:CF 1
meet.syspart.net F6:A2:E2:8A:BB:2E:90:0F:75:F7:95:6F:55:80:7C:B6:BE:A2:90:A3 1
jitsi.metitech.eu 0F:0C:0E:4A:B8:CF:24:57:EF:4B:81:E5:75:B0:22:0F:37:72:49:E2 1
lhndev.com 19:90:E9:33:48:A0:77:B3:D5:A7:95:79:D0:A2:26:59:DA:B4:BE:3B 1
GeoTrust RSA CA 2018 7C:CC:2A:87:E3:94:9F:20:57:2B:18:48:29:80:50:5F:A9:0C:AC:3B 1
ejabberd Community Server Test Certificate 74:82:AB:54:E7:09:17:4A:D3:67:9D:37:3B:3B:4E:FD:ED:A7:A4:1B 1
SSL.com RSA SSL subCA 33:EE:4E:37:0A:8D:90:FD:4B:14:45:E6:72:22:6C:4B:82:9C:C6:D2 1
GoGetSSL ECC DV CA 42:3C:4D:04:4F:06:9B:64:35:BF:FC:89:6F:36:8F:D3:35:D0:EF:36 1
XMPP server 75:77:77:BC:2E:E0:9D:12:05:65:B1:2A:7D:21:16:63:39:91:73:30 1
td 84:5D:66:77:78:EA:CC:D5:2C:56:86:43:A4:EE:E2:49:1C:50:5A:B5 1
raspi2 3D:70:5B:B2:75:ED:61:A0:6D:D9:3C:E2:1A:63:DF:C4:DD:08:AD:A9 1
localhost B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83 1
ejabberd 6B:F4:69:DF:D8:89:B3:6B:30:C8:5A:DF:E7:CC:1C:16:42:0E:14:EA 1
freedombox 18:92:0A:35:B8:D1:41:56:C5:15:6A:73:4E:37:84:B4:54:AB:19:EC 1
cstcoeur.xyz EE:81:5D:F8:3E:83:6A:1F:C7:AE:D7:E0:B2:9F:C1:0D:45:5A:BB:00 1
ZeroSSL RSA Domain Secure Site CA C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 1
RapidSSL RSA CA 2018 98:C6:A8:DC:88:79:63:BA:3C:F9:C2:73:1C:BD:D3:F7:DE:05:AC:2D 1
grieg.openfmi.net 1D:92:25:2C:E9:A9:FE:61:8B:92:64:85:D0:18:0B:D7:FA:61:0F:F7 1

Servers using <2048-bit RSA certificates which expires after 01-01-2014 4 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target Type When Issuer
grieg.openfmi.net client to server grieg.openfmi.net
im.bria-x.net client to server *.im.bria-x.net
ios.sozialstation.chat client to server *.ios.sozialstation.chat
topsec.in client to server topsec.in

Servers with DNSSEC signed SRV records 152 results

Target Type When
0x00.nz client to server
0x00.nz server to server
2718282.net client to server
2718282.net server to server
404.city server to server
4ept.net client to server
5222.de client to server
5222.de server to server
a3.pm client to server
airhorn.de client to server
airhorn.de server to server
anoxinon.me client to server
autistici.org client to server
ba30.eu client to server
babai.ru client to server
babai.ru server to server
bangpath.net server to server
bells23.org.uk client to server
bells23.org.uk server to server
benny.de server to server
blabler.pl server to server
calyxinstitute.org client to server
campanella.org client to server
campanella.org server to server
ceplovi.cz client to server
ceplovi.cz server to server
charl.eu client to server
chat.nwb.ovh client to server
chat.schmiggywibblits.net client to server
chat.vulpes.one client to server
chat.vulpes.one server to server
chinwag.org client to server
cloudfiles.at client to server
cloudfiles.at server to server
competenceslinux.com client to server
competenceslinux.com server to server
conference.postadigitale.org server to server
cymaniac.net client to server
danwin1210.me client to server
datenknoten.me client to server
datensklave.net client to server
datensklave.net server to server
dismail.de client to server
dismail.de server to server
disroot.org client to server
disroot.org server to server
dwimlabs.net client to server
dwimlabs.net server to server
eckmul.net client to server
elinvention.ovh client to server
elinvention.ovh server to server
gedalya.net client to server
handb.xyz client to server
handb.xyz server to server
honigdachse.de client to server
hookipa.net client to server
hookipa.net server to server
hot-chilli.net client to server
hrz.tu-darmstadt.de client to server
iluha.de client to server
im.icttci.cz client to server
im.mikrocon.de client to server
invy.at client to server
ixeg.nl client to server
jabber.5july.net client to server
jabber.5july.net server to server
jabber.absturztau.be client to server
jabber.at client to server
jabber.at server to server
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server
jabber.cat client to server
jabber.de client to server
jabber.de server to server
jabber.fr client to server
jabber.freenet.de server to server
jabber.hot-chilli.net client to server
jabber.pestnagel.org client to server
jabber.pestnagel.org server to server
jabberpl.org client to server
jabberpl.org server to server
jabber.systemli.org client to server
jabber.systemli.org server to server
jabber.sytes24.pl client to server
jabber.tcpreset.net client to server
jabber.uk server to server
kagouille.fr client to server
kagouille.fr server to server
kaoskinder.de client to server
kolo.fr client to server
lain.sh client to server
lain.sh server to server
landofkittens.club server to server
lightwitch.org client to server
lightwitch.org server to server
magicum.net server to server
mailbox.org client to server
mdosch.de client to server
mevogt.de client to server
monocles.de client to server
multi-vpn.biz client to server
netfg.net client to server
nlnet.nl server to server
nologs.at client to server
nologs.at server to server
null-pointer.eu client to server
oakforest.in client to server
oakforest.in server to server
olomono.de server to server
parloteo.es client to server
parloteo.es server to server
pepta.net client to server
pimux.de client to server
pimux.de server to server
poyo.ch client to server
poyo.ch server to server
psifactor.pl client to server
psifactor.pl server to server
q7e.de client to server
riseup.net client to server
sarkar.xyz client to server
sarkar.xyz server to server
sbl-dev.ca client to server
self-hosted.me client to server
shreddox.eu client to server
shreddox.eu server to server
simplewire.de client to server
skynetcloud.site client to server
skynetcloud.site server to server
snopyta.org client to server
stratum0.org client to server
suchat.org client to server
sukany.cz client to server
systemausfall.org client to server
tgawlik.com.pl client to server
thesecure.biz client to server
trashserver.net client to server
trashserver.net server to server
wiuwiu.de client to server
x0.chat server to server
xmpp.centurion-it.site client to server
xmpp-hosting.de client to server
xmpp-hosting.de server to server
xmpp.is client to server
xmpp.social client to server
xmpp.social server to server
x.mujik.fr client to server
x.mujik.fr server to server
ynnx.eu client to server
ynnx.eu server to server
z.nom.pl client to server
z.nom.pl server to server

Servers with DNSSEC signed DANE records 0 results

Target Type When

Servers with a hidden service 2 results

Target Type When
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server

Servers not offering encryption 11 results

Target Type When
agau.us client to server
campanella.org server to server
chopin.openfmi.net server to server
im.libertad-2020.eu client to server
mike.fmi.fail server to server
schubert.openfmi.net client to server
schubert.openfmi.net server to server
sibelius.openfmi.net server to server
veresov.pro client to server
veresov.pro server to server
xmpp.chopin.openfmi.net server to server

Servers sharing private keys 39 results

Target SHA256(SPKI)
chat.octosrv.me c2s 0C:A7:65:B2:FC:4D:8F:81:D7:86:13:98:2F:1F:3E:1B:42:48:A8:59:32:44:84:E2:46:C7:37:C3:92:15:CC:75
octosrv.me c2s 0C:A7:65:B2:FC:4D:8F:81:D7:86:13:98:2F:1F:3E:1B:42:48:A8:59:32:44:84:E2:46:C7:37:C3:92:15:CC:75
bria-x302497.bria-x.com c2s 1E:A5:A6:D5:B2:ED:9C:AC:85:3B:9A:9F:34:21:30:C1:D6:97:C6:43:7C:5D:F2:73:BA:0B:52:25:20:D3:B9:6D
im.bria-x.com c2s 1E:A5:A6:D5:B2:ED:9C:AC:85:3B:9A:9F:34:21:30:C1:D6:97:C6:43:7C:5D:F2:73:BA:0B:52:25:20:D3:B9:6D
testiing123.bria-x.com c2s 1E:A5:A6:D5:B2:ED:9C:AC:85:3B:9A:9F:34:21:30:C1:D6:97:C6:43:7C:5D:F2:73:BA:0B:52:25:20:D3:B9:6D
nick7.com c2s 32:70:99:39:CE:B9:D5:2A:FF:D5:53:B0:8A:92:9B:EE:61:1C:91:57:BA:A8:13:FC:85:43:5F:73:5A:AC:5D:F5
nick7.com s2s 32:70:99:39:CE:B9:D5:2A:FF:D5:53:B0:8A:92:9B:EE:61:1C:91:57:BA:A8:13:FC:85:43:5F:73:5A:AC:5D:F5
xmpp.nick7.com c2s 32:70:99:39:CE:B9:D5:2A:FF:D5:53:B0:8A:92:9B:EE:61:1C:91:57:BA:A8:13:FC:85:43:5F:73:5A:AC:5D:F5
xmpp.nick7.com s2s 32:70:99:39:CE:B9:D5:2A:FF:D5:53:B0:8A:92:9B:EE:61:1C:91:57:BA:A8:13:FC:85:43:5F:73:5A:AC:5D:F5
pix-art.de c2s 3D:41:E4:0C:23:EE:97:B3:8A:A6:61:89:7F:6B:1A:AD:5E:80:6C:C6:9E:DF:80:6C:8D:C9:03:FA:A2:11:B5:98
push.pix-art.de s2s 3D:41:E4:0C:23:EE:97:B3:8A:A6:61:89:7F:6B:1A:AD:5E:80:6C:C6:9E:DF:80:6C:8D:C9:03:FA:A2:11:B5:98
die-fachschaft.de s2s 5B:A4:9F:37:5E:60:6F:A5:D5:69:5B:A9:5F:A7:5E:7D:AE:B5:BB:8B:FC:4D:A8:06:E4:E6:F0:90:C8:2F:5F:A2
xmpp.die-fachschaft.de c2s 5B:A4:9F:37:5E:60:6F:A5:D5:69:5B:A9:5F:A7:5E:7D:AE:B5:BB:8B:FC:4D:A8:06:E4:E6:F0:90:C8:2F:5F:A2
xmpp.is c2s A0:FC:51:10:2F:EE:8C:D5:AA:2D:59:09:66:22:DD:67:49:8F:4A:A0:5C:E8:3D:DC:57:32:41:94:9F:93:2F:AE
xmpp.si s2s A0:FC:51:10:2F:EE:8C:D5:AA:2D:59:09:66:22:DD:67:49:8F:4A:A0:5C:E8:3D:DC:57:32:41:94:9F:93:2F:AE
draugr.de c2s B4:CD:AD:11:76:DE:12:6B:77:2C:40:5E:AC:A5:42:5D:4D:84:4B:5C:47:C1:98:12:A9:79:06:21:2A:0D:60:8C
ubuntu-jabber.de c2s B4:CD:AD:11:76:DE:12:6B:77:2C:40:5E:AC:A5:42:5D:4D:84:4B:5C:47:C1:98:12:A9:79:06:21:2A:0D:60:8C
xabber.de c2s B4:CD:AD:11:76:DE:12:6B:77:2C:40:5E:AC:A5:42:5D:4D:84:4B:5C:47:C1:98:12:A9:79:06:21:2A:0D:60:8C
xabber.de s2s B4:CD:AD:11:76:DE:12:6B:77:2C:40:5E:AC:A5:42:5D:4D:84:4B:5C:47:C1:98:12:A9:79:06:21:2A:0D:60:8C
95.85.114.218 c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
imexgrand.com c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
ironjanowar.hopto.org c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
nextdoor.ws c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
wa3percent.org c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
wa3percent.org s2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
wolf1.fluff.space c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
xmpp.sflix.ml c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
competenceslinux.com s2s B9:04:55:DC:6E:38:D0:98:1E:5B:B8:86:FA:2F:6C:77:70:8C:D0:A7:21:EF:19:48:53:65:9D:0B:C5:91:52:84
conf.tn c2s B9:04:55:DC:6E:38:D0:98:1E:5B:B8:86:FA:2F:6C:77:70:8C:D0:A7:21:EF:19:48:53:65:9D:0B:C5:91:52:84
miskywhixer.de c2s C2:52:26:0E:D3:D6:41:E1:00:C4:0E:F4:3C:BA:EF:17:D4:D2:B0:D5:B7:19:53:0F:54:04:2F:AD:76:EB:FB:3D
wotsepp.de c2s C2:52:26:0E:D3:D6:41:E1:00:C4:0E:F4:3C:BA:EF:17:D4:D2:B0:D5:B7:19:53:0F:54:04:2F:AD:76:EB:FB:3D
wotsepp.de s2s C2:52:26:0E:D3:D6:41:E1:00:C4:0E:F4:3C:BA:EF:17:D4:D2:B0:D5:B7:19:53:0F:54:04:2F:AD:76:EB:FB:3D
push.tigase.im s2s D1:EA:8F:EF:78:10:D0:89:7C:0A:99:DE:5B:15:60:EB:E1:12:19:E6:CF:1F:0A:F9:45:C1:8E:C4:0E:D8:E5:74
tigase.im c2s D1:EA:8F:EF:78:10:D0:89:7C:0A:99:DE:5B:15:60:EB:E1:12:19:E6:CF:1F:0A:F9:45:C1:8E:C4:0E:D8:E5:74
imkerei.wien s2s E4:7F:47:AA:AB:4E:BF:6A:F9:84:10:FA:18:3B:E3:E0:65:35:EB:7F:85:4D:DD:64:3B:5E:7E:F7:6E:31:48:E0
niemeczek.at c2s E4:7F:47:AA:AB:4E:BF:6A:F9:84:10:FA:18:3B:E3:E0:65:35:EB:7F:85:4D:DD:64:3B:5E:7E:F7:6E:31:48:E0
niemeczek.at s2s E4:7F:47:AA:AB:4E:BF:6A:F9:84:10:FA:18:3B:E3:E0:65:35:EB:7F:85:4D:DD:64:3B:5E:7E:F7:6E:31:48:E0
pix-art.de s2s E6:B5:8B:56:F8:8A:3C:E8:1F:67:21:D4:89:D8:70:CE:C6:0A:BA:7A:22:0F:AF:A3:F0:2A:65:50:DE:5C:85:55
room.pix-art.de s2s E6:B5:8B:56:F8:8A:3C:E8:1F:67:21:D4:89:D8:70:CE:C6:0A:BA:7A:22:0F:AF:A3:F0:2A:65:50:DE:5C:85:55