Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 498 results

SSL 2 1 0.2%
SSL 3 2 0.4%
TLS 1.0 244 49%
TLS 1.1 258 51.8%
TLS 1.2 495 99.4%

Grades 498 results

A 444 89.2%
B 46 9.2%
C 7 1.4%
D 0 0%
E 0 0%
F 1 0.2%
Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size Count
1024 2 0.4%
2048 256 53.4%
3072 4 0.8%
4096 216 45.1%
8192 1 0.2%

StartTLS

Type Client to server Server to server
Required 286 84.9% 106 65.8%
Allowed 51 15.1% 55 34.2%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

Trusted Untrusted
Valid 451 81.9% 44 8%
Invalid 22 4% 34 6.2%

SASL mechanisms 337 results

Mechanism # times offered before TLS # times offered after TLS
PLAIN 42 12.5% 318 94.4%
SCRAM-SHA-1 48 14.2% 280 83.1%
SCRAM-SHA-1-PLUS 0 0% 128 38%
X-OAUTH2 17 5% 94 27.9%
DIGEST-MD5 30 8.9% 73 21.7%
CRAM-MD5 16 4.7% 17 5%
X-GOOGLE-TOKEN 4 1.2% 4 1.2%
ANONYMOUS 4 1.2% 4 1.2%
OAUTHBEARER 0 0% 1 0.3%
EXTERNAL 0 0% 1 0.3%
SCRAM-SHA-256 0 0% 1 0.3%
SCRAM-SHA-256-PLUS 0 0% 1 0.3%
SCRAM-SHA-512 0 0% 1 0.3%
SCRAM-SHA-512-PLUS 0 0% 1 0.3%
CISCO-VTG-TOKEN 0 0% 1 0.3%
JIVE-SHAREDSECRET 1 0.3% 1 0.3%
LOGIN 0 0% 1 0.3%
NTLM 1 0.3% 1 0.3%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target Type When

Servers supporting SSL 2 1 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target Type When
silper.cz client to server

CAs used Top 30

Name/Organization SHA1 Count
Let's Encrypt Authority X3 E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB 280
Sectigo RSA Domain Validation Secure Server CA 33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB 12
Go Daddy Secure Certificate Authority - G2 27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8 6
COMODO RSA Domain Validation Secure Server CA 33:9C:DD:57:CF:D5:B1:41:16:9B:61:5F:F3:14:28:78:2D:1D:A6:39 5
Let's Encrypt Authority X3 1B:23:67:53:54:FC:AD:90:11:9D:88:07:50:15:EA:17:AD:D5:27:D8 4
DFN-Verein Global Issuing CA C9:DC:B0:47:AC:8C:5F:09:05:ED:77:52:8C:BD:4B:84:D9:46:3C:45 4
GTS CA 1O1 DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2 3
Starfield Secure Certificate Authority - G2 7E:DC:37:6D:CF:D4:5E:6D:DF:08:2C:16:0D:F6:AC:21:83:5B:95:D4 2
GeoTrust RSA CA 2018 7C:CC:2A:87:E3:94:9F:20:57:2B:18:48:29:80:50:5F:A9:0C:AC:3B 2
Buypass Class 2 CA 5 EB:3E:49:D2:73:44:52:AB:B9:98:BC:F7:89:11:AA:47:8F:0D:2E:20 1
CAcert Class 3 Root AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE 1
(Unknown) DC:E9:27:E6:03:E9:07:F1:71:9A:93:79:01:13:E2:F7:4E:CF:CC:E7 1
Example certificate 25:FE:5E:FC:B6:3D:65:42:BB:D5:D0:87:15:0B:D8:8D:C6:0F:B5:6D 1
qualitysistemas.com.br 80:43:05:78:35:7F:51:DE:97:8C:1A:10:D7:AD:77:73:FE:5A:A4:63 1
ejabberd 9F:D2:47:38:8B:4E:93:DA:F0:98:A5:56:40:16:EF:AA:A3:9C:08:D1 1
MDPS-CA 7E:F3:82:87:D4:B0:8D:51:5D:FC:40:23:35:C6:45:58:7D:A3:37:D8 1
SwissSign Server Gold CA 2014 - G22 AD:F2:89:73:16:71:8B:45:25:CE:37:00:82:D9:F1:23:D4:93:8F:98 1
PLCM_RPRM.ihs.gov 1E:E1:54:60:37:A7:23:3E:93:FA:48:83:E0:2B:EF:E5:81:5E:CC:F6 1
opal FC:24:59:35:00:39:F3:49:41:44:C8:93:29:3F:37:3B:57:76:FC:48 1
jabber.pandumedia.com 7E:5A:E5:EC:A3:9A:DA:B5:41:AC:31:E0:69:4F:E8:33:A1:15:F0:09 1
RMZ 0F:F9:6E:12:B5:88:82:27:B2:A2:4D:F0:1B:0F:D6:3A:48:62:46:D1 1
xmpp.beldene.site 49:96:5C:F6:9D:79:C9:0E:D7:BE:80:97:EF:FE:5C:E0:E6:D1:89:14 1
chat.gazduireit.ro 2B:CF:1A:2C:E5:2F:80:6C:A0:44:E8:BB:56:A8:A1:60:7A:FE:07:38 1
ld2020.amssn.eu 1C:3D:86:95:12:5C:9F:54:2A:8C:40:A5:63:DA:4C:DE:FB:7E:10:D6 1
GlobalSign GCC R3 DV TLS CA 2020 1C:61:0A:0A:87:D4:92:F4:83:22:C2:AF:D3:BE:9B:6A:D3:6B:6B:EE 1
SH-Offline-CA 86:64:AA:B9:2B:87:43:FD:C4:C1:A9:52:A4:A9:29:82:82:AB:B0:39 1
itmaster.work BA:F1:2F:BB:93:94:FB:A5:5A:E2:9F:B3:73:DF:4D:EA:CE:29:28:E0 1
localhost B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83 1
ejabberd Community Server Test Certificate 74:82:AB:54:E7:09:17:4A:D3:67:9D:37:3B:3B:4E:FD:ED:A7:A4:1B 1
DigiCert Global CA G2 D6:AE:E3:16:31:F7:AB:C5:6B:9D:E8:AB:EC:CC:41:08:A6:26:B1:04 1

Servers using <2048-bit RSA certificates which expires after 01-01-2014 0 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target Type When Issuer

Servers with DNSSEC signed SRV records 111 results

Target Type When
0x00.nz client to server
0x00.nz server to server
1200bps.xyz client to server
404.city client to server
404.city server to server
5222.de client to server
5222.de server to server
alongtheriver.xyz client to server
anoxinon.me client to server
augusta.de client to server
augusta.de server to server
awit.at client to server
chinwag.org server to server
competenceslinux.com client to server
constexpr.org client to server
constexpr.org server to server
core.mx client to server
danwin1210.me client to server
deepspace.dedyn.io client to server
dismail.de client to server
dismail.de server to server
ejabberd.seb78.com client to server
ejabberd.seb78.com server to server
ematrix.online client to server
f-ck.eu client to server
freepbx.servicevolontaire.org client to server
heap.ovh server to server
hot-chilli.net client to server
im.hot-chilli.net client to server
invy.at client to server
invy.at server to server
jabb3r.de client to server
jabber.5july.net server to server
jabber.absturztau.be client to server
jabber.absturztau.be server to server
jabber.at client to server
jabber.calyxinstitute.org client to server
jabber.de client to server
jabber.fr client to server
jabberfr.org client to server
jabber.hot-chilli.net client to server
jabberhut.de client to server
jabber.no-sense.net client to server
jabberpl.org client to server
jabber.politicalsciences.eu client to server
jabber.politicalsciences.eu server to server
jabber.systemli.org client to server
jabber.systemli.org server to server
jabber.tcpreset.net client to server
jabber.uk client to server
jorsn.eu client to server
jorsn.eu server to server
k2t.eu client to server
kd2.io client to server
kd2.io server to server
kde.org client to server
lacti.de client to server
lukegb.com server to server
magicum.net client to server
magicum.net server to server
mailbox.org client to server
monocles.de client to server
mytum.de client to server
nlnet.nl client to server
noema.org client to server
nologs.at client to server
nologs.at server to server
nologs.be client to server
nologs.be server to server
pathogen.is client to server
pathogen.is server to server
pimux.de client to server
qsuscs.de client to server
raghavgururajan.name client to server
raghavgururajan.name server to server
riseup.net client to server
setho.org client to server
silper.cz client to server
sjaeger.com client to server
sjaeger.com server to server
skorpil.cz client to server
skynetcloud.site client to server
skynetcloud.site server to server
sophy.life client to server
strobeto.de client to server
strobeto.de server to server
suchat.org client to server
suchat.org server to server
thebackupbox.net client to server
thebackupbox.net server to server
thesecure.biz client to server
thesecure.biz server to server
tiuxo.com client to server
trashserver.net client to server
trashserver.net server to server
wiuwiu.de client to server
x0.chat client to server
x0.chat server to server
xmpp.black client to server
xmpp.black server to server
xmpp.cc client to server
xmpp.cc server to server
xmpp.centurion-consulting.tech client to server
xmpp.chat client to server
xmpp.chat server to server
xmpp.co client to server
xmpp.dk client to server
xmpp.is client to server
xxooxx.xyz client to server
zot.org client to server
zot.org server to server

Servers with DNSSEC signed DANE records 0 results

Target Type When

Servers with a hidden service 3 results

Target Type When
ijeeynrc6x2uy5ob.onion client to server
whitehouvwq2xssf.onion client to server
y2qmqomqpszzryei.onion client to server

Servers not offering encryption 7 results

Target Type When
73348.redit.support client to server
cock.li server to server
ejabberd.casperon.co client to server
freepbx.servicevolontaire.org client to server
lcp.cc client to server
mpro.la client to server
nextcloud.hwc.com.br client to server

Servers sharing private keys 41 results

Target SHA256(SPKI)
xmpp.chat c2s 0D:33:97:B8:4F:13:7D:80:CB:38:78:36:40:E0:C7:9E:34:2A:9E:83:EB:33:BC:86:40:45:AC:F1:2C:12:4B:56
xmpp.chat s2s 0D:33:97:B8:4F:13:7D:80:CB:38:78:36:40:E0:C7:9E:34:2A:9E:83:EB:33:BC:86:40:45:AC:F1:2C:12:4B:56
xmpp.co c2s 0D:33:97:B8:4F:13:7D:80:CB:38:78:36:40:E0:C7:9E:34:2A:9E:83:EB:33:BC:86:40:45:AC:F1:2C:12:4B:56
alertamxdevxmpp1.southcentralus.cloudapp.azure.com c2s 14:9D:F4:CE:BE:50:2A:AD:CB:23:41:7D:E6:1C:70:D8:70:61:13:8D:08:75:B9:2F:B0:A3:84:A9:F0:E1:5C:F3
alertamxdevxmpp.alertamxdev.net c2s 14:9D:F4:CE:BE:50:2A:AD:CB:23:41:7D:E6:1C:70:D8:70:61:13:8D:08:75:B9:2F:B0:A3:84:A9:F0:E1:5C:F3
balancer.ru c2s 32:52:E0:DC:1A:99:0A:5C:47:23:8A:1C:78:53:38:8A:35:2C:1D:63:71:ED:37:08:93:7C:4A:52:54:CB:F5:3D
jitsi.org c2s 32:52:E0:DC:1A:99:0A:5C:47:23:8A:1C:78:53:38:8A:35:2C:1D:63:71:ED:37:08:93:7C:4A:52:54:CB:F5:3D
css-uki.com s2s 4B:94:27:7C:CF:E2:48:DB:FD:95:71:56:37:55:BA:B9:5B:8A:F3:6A:1B:41:F2:81:19:0E:CE:D8:55:46:E1:8C
michael-heimann.de s2s 4B:94:27:7C:CF:E2:48:DB:FD:95:71:56:37:55:BA:B9:5B:8A:F3:6A:1B:41:F2:81:19:0E:CE:D8:55:46:E1:8C
securetalks.biz c2s 56:E6:9D:20:C4:4D:45:1B:2D:BC:44:D1:B5:7E:35:36:43:E9:3E:1D:AE:B3:17:21:3F:4D:6F:39:53:E5:23:EA
wallstreetjabber.biz c2s 56:E6:9D:20:C4:4D:45:1B:2D:BC:44:D1:B5:7E:35:36:43:E9:3E:1D:AE:B3:17:21:3F:4D:6F:39:53:E5:23:EA
wallstreetjabber.biz s2s 56:E6:9D:20:C4:4D:45:1B:2D:BC:44:D1:B5:7E:35:36:43:E9:3E:1D:AE:B3:17:21:3F:4D:6F:39:53:E5:23:EA
1jabber.com c2s 6F:20:56:93:E2:42:4F:E9:47:49:69:59:C8:80:DF:9B:1F:93:48:80:5E:F2:D7:02:85:19:B3:88:5B:13:0D:92
31337.life c2s 6F:20:56:93:E2:42:4F:E9:47:49:69:59:C8:80:DF:9B:1F:93:48:80:5E:F2:D7:02:85:19:B3:88:5B:13:0D:92
nologs.club s2s 6F:20:56:93:E2:42:4F:E9:47:49:69:59:C8:80:DF:9B:1F:93:48:80:5E:F2:D7:02:85:19:B3:88:5B:13:0D:92
blabber.im c2s 7B:42:2A:77:9F:00:42:C9:4B:C3:D8:C9:45:21:33:1E:03:29:BE:A5:1A:2A:DB:D3:2F:45:10:40:91:2E:FA:D8
blabber.im s2s 7B:42:2A:77:9F:00:42:C9:4B:C3:D8:C9:45:21:33:1E:03:29:BE:A5:1A:2A:DB:D3:2F:45:10:40:91:2E:FA:D8
web.blabber.im c2s 7B:42:2A:77:9F:00:42:C9:4B:C3:D8:C9:45:21:33:1E:03:29:BE:A5:1A:2A:DB:D3:2F:45:10:40:91:2E:FA:D8
balancer.ru c2s 92:CE:31:6B:3F:5D:67:0D:DB:0E:24:C9:54:C4:D5:C6:52:E6:C9:5E:D5:CA:E1:F0:58:EC:5E:03:9B:B5:D4:39
google.com c2s 92:CE:31:6B:3F:5D:67:0D:DB:0E:24:C9:54:C4:D5:C6:52:E6:C9:5E:D5:CA:E1:F0:58:EC:5E:03:9B:B5:D4:39
draugr.de c2s 99:00:B8:4B:77:27:FC:6A:85:77:0F:05:D9:84:94:18:EB:37:25:D2:93:8F:0D:E5:88:EB:53:AC:40:1B:0E:3F
draugr.de s2s 99:00:B8:4B:77:27:FC:6A:85:77:0F:05:D9:84:94:18:EB:37:25:D2:93:8F:0D:E5:88:EB:53:AC:40:1B:0E:3F
xabber.de c2s 99:00:B8:4B:77:27:FC:6A:85:77:0F:05:D9:84:94:18:EB:37:25:D2:93:8F:0D:E5:88:EB:53:AC:40:1B:0E:3F
msg-fm.mooo.com c2s 9E:E2:17:75:1E:78:4A:3A:F8:B5:79:57:F4:D5:44:04:F8:AF:2A:1C:9D:4E:ED:CA:E5:1A:0A:7F:82:51:71:A7
msg-fm.mooo.com s2s 9E:E2:17:75:1E:78:4A:3A:F8:B5:79:57:F4:D5:44:04:F8:AF:2A:1C:9D:4E:ED:CA:E5:1A:0A:7F:82:51:71:A7
xmpp.thefontenay.com c2s 9E:E2:17:75:1E:78:4A:3A:F8:B5:79:57:F4:D5:44:04:F8:AF:2A:1C:9D:4E:ED:CA:E5:1A:0A:7F:82:51:71:A7
ch1.teleromm.ru c2s AC:22:50:08:5E:A5:DF:42:3A:34:1C:12:13:BC:81:74:BB:AD:32:E9:E3:D1:11:36:61:24:77:3E:FA:2C:20:87
x.connected2.me c2s AC:22:50:08:5E:A5:DF:42:3A:34:1C:12:13:BC:81:74:BB:AD:32:E9:E3:D1:11:36:61:24:77:3E:FA:2C:20:87
chat.logeecks.com s2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
ej.autumnsheet.com c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
nextcloud.hwc.com.br s2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
onionmessenger.com c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
onionmessenger.com s2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
xmpp.cdteca.com c2s B7:79:B5:65:0E:B0:DA:0C:38:62:45:D4:4C:29:09:B4:8D:89:8B:49:57:21:ED:67:E4:9D:AF:71:A5:13:5F:66
jabber.runout.at c2s D7:83:43:19:80:EB:69:16:9A:EB:DC:1A:6C:9F:19:AF:42:EB:D7:D4:DF:26:CB:D6:4A:DB:F6:7D:9E:BD:B3:F1
jabber.runout.at s2s D7:83:43:19:80:EB:69:16:9A:EB:DC:1A:6C:9F:19:AF:42:EB:D7:D4:DF:26:CB:D6:4A:DB:F6:7D:9E:BD:B3:F1
runout.at s2s D7:83:43:19:80:EB:69:16:9A:EB:DC:1A:6C:9F:19:AF:42:EB:D7:D4:DF:26:CB:D6:4A:DB:F6:7D:9E:BD:B3:F1
jabber.fr c2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
jabberfr.org c2s E8:F8:76:67:90:D9:F1:4E:B1:9E:90:B6:AB:B4:1E:7C:E8:EA:CC:E1:72:5C:2D:3E:DB:18:BF:DE:59:44:A0:04
chat.sum7.eu c2s FD:FB:26:7D:7A:A2:31:26:2B:61:CB:04:E4:2A:DE:A7:FA:9C:C5:C6:1C:02:15:8F:50:69:25:D8:03:6C:66:01
meckerspace.de c2s FD:FB:26:7D:7A:A2:31:26:2B:61:CB:04:E4:2A:DE:A7:FA:9C:C5:C6:1C:02:15:8F:50:69:25:D8:03:6C:66:01