Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 455 results

SSL 2 2 0.4%
SSL 3 7 1.5%
TLS 1.0 204 44.8%
TLS 1.1 215 47.3%
TLS 1.2 452 99.3%

Grades 455 results

A 423 93%
B 24 5.3%
C 6 1.3%
D 0 0%
E 0 0%
F 2 0.4%
Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size Count
2048 279 66.3%
3072 4 1%
4096 137 32.5%
8192 1 0.2%

StartTLS

Type Client to server Server to server
Required 277 89.9% 103 70.1%
Allowed 31 10.1% 44 29.9%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

Trusted Untrusted
Valid 439 89% 39 7.9%
Invalid 5 1% 10 2%

SASL mechanisms 308 results

Mechanism # times offered before TLS # times offered after TLS
PLAIN 27 8.8% 304 98.7%
SCRAM-SHA-1 28 9.1% 268 87%
SCRAM-SHA-1-PLUS 0 0% 205 66.6%
X-OAUTH2 9 2.9% 82 26.6%
DIGEST-MD5 18 5.8% 44 14.3%
SCRAM-SHA-512 0 0% 25 8.1%
SCRAM-SHA-512-PLUS 0 0% 25 8.1%
SCRAM-SHA-256-PLUS 0 0% 24 7.8%
SCRAM-SHA-256 0 0% 24 7.8%
CRAM-MD5 10 3.2% 11 3.6%
JIVE-SHAREDSECRET 4 1.3% 4 1.3%
SCRAM-SHA-224-PLUS 0 0% 2 0.6%
MAX-PLAIN 2 0.6% 2 0.6%
SCRAM-SHA-224 0 0% 2 0.6%
ANONYMOUS 2 0.6% 2 0.6%
SCRAM-SHA-384 0 0% 2 0.6%
SCRAM-SHA-384-PLUS 0 0% 2 0.6%
X-OAUTH 2 0.6% 2 0.6%
TIKITOKEN 1 0.3% 1 0.3%
X-GOOGLE-TOKEN 1 0.3% 1 0.3%
LOGIN 0 0% 1 0.3%
PADE 1 0.3% 1 0.3%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target Type When

Servers supporting SSL 2 2 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target Type When
jabber.rol.ru server to server
s.ms client to server

CAs used Top 30

Name/Organization SHA1 Count
R3 A0:53:37:5B:FE:84:E8:B7:48:78:2C:7C:EE:15:82:7A:6A:F5:A4:05 236
R3 48:50:4E:97:4C:0D:AC:5B:5C:D4:76:C8:20:22:74:B2:4C:8C:71:72 47
Go Daddy Secure Certificate Authority - G2 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 5
Sectigo RSA Domain Validation Secure Server CA 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB 5
Let's Encrypt Authority X3 E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB 3
Thawte TLS RSA CA G1 C9:FE:FC:76:3D:95:48:B4:87:69:6F:04:7A:CB:A0:AB:E4:5C:7B:C1 2
E1 09:1E:8E:A1:B2:56:A3:12:96:2A:F6:C1:40:C0:FB:F0:79:A4:07:B3 2
Conversations CA F9:87:0B:66:B3:81:01:6F:E3:F3:F2:C4:B2:9E:3D:64:54:FA:E5:E8 2
Thawte RSA CA 2018 4D:EE:A7:06:0D:80:BA:BF:16:43:B4:E0:F0:10:4C:82:99:50:75:B7 2
chat.gazduireit.ro 2B:CF:1A:2C:E5:2F:80:6C:A0:44:E8:BB:56:A8:A1:60:7A:FE:07:38 1
GoGetSSL ECC DV CA 42:3C:4D:04:4F:06:9B:64:35:BF:FC:89:6F:36:8F:D3:35:D0:EF:36 1
conserv.ddnss.de 54:25:AA:60:48:47:9E:03:4B:B6:6B:2A:91:3E:14:C4:01:B0:53:DB 1
ns1.openssh.eu B4:9A:1E:63:66:77:7D:D7:17:92:67:6C:11:42:C5:E7:79:CF:23:17 1
(Unknown) 91:17:72:67:5C:51:66:2B:0A:E9:B7:5E:1F:A0:00:D5:BC:0F:EF:E2 1
freedombox 04:B7:FE:C5:CC:F3:06:9A:68:0C:E6:43:46:F4:EC:D7:77:48:3D:9A 1
havana.pw EF:8C:16:02:09:35:D5:03:03:1B:CC:77:1C:CB:B7:45:15:3C:B5:1D 1
localhost B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83 1
parsec2.unicampania.it 2D:31:97:88:86:31:A9:8B:4B:30:90:4E:68:25:9B:CF:D5:06:87:E7 1
nulltrading.com 5E:4B:F5:A9:78:44:C7:CE:60:98:44:B4:BF:75:BB:DC:5D:C0:D5:96 1
Sectigo RSA Organization Validation Secure Server CA 40:CE:F3:04:6C:91:6E:D7:AE:55:7F:60:E7:68:42:82:8B:51:DE:53 1
69peshloche.uk 4F:12:BB:B2:0C:34:78:1D:BD:8A:82:7A:6E:05:6B:BE:D0:F9:2C:C2 1
PSYCAST-CA 86:1F:8E:6C:0C:C3:40:14:21:43:42:1A:2E:50:D9:6A:F9:D9:54:B0 1
ZeroSSL RSA Domain Secure Site CA C8:1A:8B:D1:F9:CF:6D:84:C5:25:F3:78:CA:1D:3F:8C:30:77:0E:34 1
RapidSSL RSA CA 2018 98:C6:A8:DC:88:79:63:BA:3C:F9:C2:73:1C:BD:D3:F7:DE:05:AC:2D 1
ejabberd C2:A0:F3:93:74:5B:DA:26:B7:E6:81:3F:64:65:07:31:2C:98:40:59 1
StartCom Class 1 DV Server CA 39:8E:19:36:63:9B:A5:20:6D:F5:17:9B:FB:B7:01:09:33:96:94:00 1
kortex.ch DE:9C:EF:F0:24:02:3D:46:27:79:CB:A5:38:6E:F5:5E:7F:86:68:7E 1
RapidSSL TLS RSA CA G1 CB:FE:9E:B4:3B:3B:37:FE:0D:FB:C4:C2:EB:2D:4E:07:D0:8B:D8:E8 1
ps 3E:1B:ED:74:3B:4C:AE:18:AE:C4:56:37:F9:77:49:76:E4:DB:47:FC 1
localhost E6:40:9E:4A:C4:14:EC:34:68:09:29:93:32:9D:1F:48:C5:22:6A:B4 1

Servers using <2048-bit RSA certificates which expires after 01-01-2014 0 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target Type When Issuer

Servers with DNSSEC signed SRV records 108 results

Target Type When
07f.de server to server
404.city client to server
404.city server to server
5222.de client to server
5222.de server to server
a3.pm client to server
acorns.info client to server
acorns.info server to server
aegeria.xyz client to server
anoxinon.me client to server
anoxinon.me server to server
apirie.uk client to server
apirie.uk server to server
blug.moe client to server
cdom.de client to server
cloudfiles.at client to server
cloudfiles.at server to server
core.radiosignal.net client to server
core.radiosignal.net server to server
d10si2p.net client to server
danwin1210.me client to server
dismail.de client to server
dismail.de server to server
disroot.org client to server
disroot.org server to server
dpc.re client to server
elaon.de client to server
elaon.de server to server
frolova.org client to server
frolova.org server to server
frolov.net client to server
frolov.net server to server
habets.dev client to server
honigdachse.de client to server
hookipa.net client to server
hookipa.net server to server
hot-chilli.eu client to server
hot-chilli.net client to server
im.hoppe.in client to server
impfpush.de client to server
impfpush.de server to server
im.sysn.space server to server
jabb3r.de client to server
jabb3r.org client to server
jabber.absturztau.be server to server
jabber.at client to server
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server
jabber.cat client to server
jabber.de client to server
jabber.de server to server
jabber.fr client to server
jabber.hot-chilli.net client to server
jabber.mafiasi.de client to server
jabber.mafiasi.de server to server
jabber.minenkolonisten.de client to server
jabber.neurosoft.pl client to server
jabber.schnied.net client to server
jabber.systemli.org client to server
mailbox.org client to server
mattrude.com client to server
monero.men client to server
monocles.de client to server
nekomimi.cafe client to server
netriscs.com client to server
netriscs.com server to server
nigma.city client to server
nigma.city server to server
nixnet.services client to server
nixnet.services server to server
ns1.openssh.eu client to server
parloteo.es client to server
parloteo.es server to server
pidginchat.com client to server
pimux.de client to server
pleroma.pt server to server
psifactor.pl client to server
psifactor.pl server to server
puffyan.us client to server
puffyan.us server to server
pywy.fr client to server
raghavgururajan.name client to server
raghavgururajan.name server to server
remoteham.dedyn.io client to server
serafean.cz client to server
serafean.cz server to server
skynetcloud.site client to server
skynetcloud.site server to server
smtp.cheogram.com server to server
snopyta.org client to server
suchat.org client to server
terrible.place server to server
thesecure.biz client to server
thfree.ru client to server
thfree.ru server to server
trashserver.net client to server
trashserver.net server to server
wiuwiu.de client to server
wiuwiu.de server to server
xmpp.bubbletea.dev client to server
xmpp.bubbletea.dev server to server
xmpp.is client to server
xmpp.libretank.org client to server
xmpp.social client to server
xmpp.zone client to server
yakk.xyz client to server
yakk.xyz server to server
zash.se client to server

Servers with DNSSEC signed DANE records 0 results

Target Type When

Servers with a hidden service 2 results

Target Type When
jabber.calyxinstitute.org client to server
jabber.calyxinstitute.org server to server

Servers not offering encryption 5 results

Target Type When
211.201.144.117 client to server
conference.soprani.ca server to server
firemail.cc server to server
meet.dpc.re client to server
redbull.com server to server

Servers sharing private keys 26 results

Target SHA256(SPKI)
jabjab.de c2s 0C:5B:CB:37:87:A8:12:C4:9F:04:CD:0E:98:2A:A7:72:B4:4C:C5:50:FC:9F:B4:0D:AC:2F:91:E2:D8:EA:43:3C
pad7.de c2s 0C:5B:CB:37:87:A8:12:C4:9F:04:CD:0E:98:2A:A7:72:B4:4C:C5:50:FC:9F:B4:0D:AC:2F:91:E2:D8:EA:43:3C
jabber.today c2s 1F:8A:84:25:BC:12:B1:08:E1:3E:3F:3C:E1:0A:4A:BD:BD:78:2C:6D:94:0E:8E:E9:82:4C:5E:3B:9E:4F:90:B4
sure.im c2s 1F:8A:84:25:BC:12:B1:08:E1:3E:3F:3C:E1:0A:4A:BD:BD:78:2C:6D:94:0E:8E:E9:82:4C:5E:3B:9E:4F:90:B4
sure.im s2s 1F:8A:84:25:BC:12:B1:08:E1:3E:3F:3C:E1:0A:4A:BD:BD:78:2C:6D:94:0E:8E:E9:82:4C:5E:3B:9E:4F:90:B4
tigase.im c2s 1F:8A:84:25:BC:12:B1:08:E1:3E:3F:3C:E1:0A:4A:BD:BD:78:2C:6D:94:0E:8E:E9:82:4C:5E:3B:9E:4F:90:B4
tigase.im s2s 1F:8A:84:25:BC:12:B1:08:E1:3E:3F:3C:E1:0A:4A:BD:BD:78:2C:6D:94:0E:8E:E9:82:4C:5E:3B:9E:4F:90:B4
chat-dev.nayapay.com c2s 37:F9:45:40:FC:67:AD:68:4C:22:4C:16:FD:2E:A5:E6:20:B2:2E:F1:E4:3E:59:CE:B7:B6:85:11:5A:91:28:5C
chat.nayapay.com c2s 37:F9:45:40:FC:67:AD:68:4C:22:4C:16:FD:2E:A5:E6:20:B2:2E:F1:E4:3E:59:CE:B7:B6:85:11:5A:91:28:5C
frolova.org c2s A6:61:F2:A4:F4:AC:49:F7:88:91:40:BB:FC:1C:E0:B9:C6:BD:F2:69:59:22:63:43:34:18:7F:A1:8E:6D:7E:8C
frolova.org s2s A6:61:F2:A4:F4:AC:49:F7:88:91:40:BB:FC:1C:E0:B9:C6:BD:F2:69:59:22:63:43:34:18:7F:A1:8E:6D:7E:8C
frolov.net c2s A6:61:F2:A4:F4:AC:49:F7:88:91:40:BB:FC:1C:E0:B9:C6:BD:F2:69:59:22:63:43:34:18:7F:A1:8E:6D:7E:8C
frolov.net s2s A6:61:F2:A4:F4:AC:49:F7:88:91:40:BB:FC:1C:E0:B9:C6:BD:F2:69:59:22:63:43:34:18:7F:A1:8E:6D:7E:8C
im.apinc.org c2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
im.apinc.org s2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
jabber.fr c2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
01337.io c2s F8:0B:60:50:AA:27:B1:F4:42:8E:0A:59:EB:36:1D:B6:55:66:70:02:32:2C:B4:35:71:38:79:2E:A9:B9:B3:2F
01337.ru c2s F8:0B:60:50:AA:27:B1:F4:42:8E:0A:59:EB:36:1D:B6:55:66:70:02:32:2C:B4:35:71:38:79:2E:A9:B9:B3:2F
0day.la c2s F8:0B:60:50:AA:27:B1:F4:42:8E:0A:59:EB:36:1D:B6:55:66:70:02:32:2C:B4:35:71:38:79:2E:A9:B9:B3:2F
shad0w.io c2s F8:0B:60:50:AA:27:B1:F4:42:8E:0A:59:EB:36:1D:B6:55:66:70:02:32:2C:B4:35:71:38:79:2E:A9:B9:B3:2F
shad0w.ru c2s F8:0B:60:50:AA:27:B1:F4:42:8E:0A:59:EB:36:1D:B6:55:66:70:02:32:2C:B4:35:71:38:79:2E:A9:B9:B3:2F
deshalbfrei.org c2s FB:A0:BF:52:70:19:0B:A2:15:83:F8:57:13:61:77:AD:1C:84:E5:4D:A7:1E:28:25:FC:E5:AB:05:D8:11:45:3D
draugr.de c2s FB:A0:BF:52:70:19:0B:A2:15:83:F8:57:13:61:77:AD:1C:84:E5:4D:A7:1E:28:25:FC:E5:AB:05:D8:11:45:3D
ubuntu-jabber.net c2s FB:A0:BF:52:70:19:0B:A2:15:83:F8:57:13:61:77:AD:1C:84:E5:4D:A7:1E:28:25:FC:E5:AB:05:D8:11:45:3D
xabber.de c2s FB:A0:BF:52:70:19:0B:A2:15:83:F8:57:13:61:77:AD:1C:84:E5:4D:A7:1E:28:25:FC:E5:AB:05:D8:11:45:3D
xabber.de s2s FB:A0:BF:52:70:19:0B:A2:15:83:F8:57:13:61:77:AD:1C:84:E5:4D:A7:1E:28:25:FC:E5:AB:05:D8:11:45:3D