Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 217 results

SSL 2	0 0%
SSL 3	4 1.8%
TLS 1.0	133 61.3%
TLS 1.1	142 65.4%
TLS 1.2	213 98.2%

Grades 217 results

A	184 84.8%
B	23 10.6%
C	10 4.6%
D	0 0%
E	0 0%
F	0 0%

Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size	Count
2048	109 50.7%
3072	1 0.5%
4096	105 48.8%

StartTLS

Type	Client to server	Server to server
Required	116 82.3%	60 78.9%
Allowed	25 17.7%	16 21.1%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

	Trusted	Untrusted
Valid	0%	33 14%
Invalid	199 84.3%	4 1.7%

SASL mechanisms 141 results

Mechanism	# times offered before TLS	# times offered after TLS
PLAIN	25 17.7%	137 97.2%
SCRAM-SHA-1	20 14.2%	118 83.7%
SCRAM-SHA-1-PLUS	0 0%	52 36.9%
X-OAUTH2	7 5%	39 27.7%
DIGEST-MD5	17 12.1%	31 22%
CRAM-MD5	9 6.4%	10 7.1%
SCRAM-SHA-512	0 0%	1 0.7%
SCRAM-SHA-512-PLUS	0 0%	1 0.7%
SCRAM-SHA-256	0 0%	1 0.7%
LOGIN	0 0%	1 0.7%
ANONYMOUS	1 0.7%	1 0.7%
SCRAM-SHA-256-PLUS	0 0%	1 0.7%
SCRAM-SHA-384	0 0%	1 0.7%
SCRAM-SHA-384-PLUS	0 0%	1 0.7%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target	Type	When

Servers supporting SSL 2 0 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target	Type	When

CAs used Top 30

Name/Organization	SHA1	Count
Let's Encrypt Authority X3	E6:A3:B4:5B:06:2D:50:9B:33:82:28:2D:19:6E:FE:97:D5:95:6C:CB	115
Let's Encrypt Authority X3	1B:23:67:53:54:FC:AD:90:11:9D:88:07:50:15:EA:17:AD:D5:27:D8	4
COMODO RSA Domain Validation Secure Server CA	33:9C:DD:57:CF:D5:B1:41:16:9B:61:5F:F3:14:28:78:2D:1D:A6:39	3
Go Daddy Secure Certificate Authority - G2	27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8	3
StartCom Class 1 DV Server CA	39:8E:19:36:63:9B:A5:20:6D:F5:17:9B:FB:B7:01:09:33:96:94:00	2
Gandi Standard SSL CA 2	24:71:06:A4:05:B2:88:A4:6E:70:A0:26:27:17:16:2D:09:03:E7:34	2
Sectigo RSA Domain Validation Secure Server CA	33:E4:E8:08:07:20:4C:2B:61:82:A3:A1:4B:59:1A:CD:25:B5:F0:DB	2
DarkEngine	B1:BD:DC:81:8B:E4:36:2F:4A:A8:36:B6:D9:5A:CA:0B:43:56:C3:B4	1
numeritech.fr	DF:2F:B5:AA:B3:6D:12:47:C2:31:29:51:A5:1D:27:70:D0:7C:49:15	1
ejabberd	E9:A2:65:D0:1C:EA:42:88:58:51:1F:5D:78:B4:19:77:33:EE:00:ED	1
thawte SSL CA - G2	2E:A7:1C:36:7D:17:8C:84:3F:D2:1D:B4:FD:B6:30:BA:54:A2:0D:C5	1
localhost	B9:B3:E3:1F:26:CC:BF:DF:1E:78:9D:CA:61:A7:40:C5:FF:9C:E9:83	1
ijeeynrc6x2uy5ob.onion	83:B6:A3:D7:27:49:75:B6:7F:8D:73:9A:9A:8C:C1:A5:A1:9F:54:77	1
RapidSSL RSA CA 2018	98:C6:A8:DC:88:79:63:BA:3C:F9:C2:73:1C:BD:D3:F7:DE:05:AC:2D	1
AlphaSSL CA - SHA256 - G2	4C:27:43:17:17:56:5A:3A:07:F3:E6:D0:03:2C:42:58:94:9C:F9:EC	1
Certum Domain Validation CA SHA2	FF:9C:EB:13:C8:3F:15:B8:00:E6:EF:F9:87:B2:C7:2E:01:B4:B3:20	1
DigiCert SHA2 Secure Server CA	1F:B8:6B:11:68:EC:74:31:54:06:2E:8C:9C:C5:B1:71:A4:B7:CC:B4	1
tinigin.ru	92:C3:C9:3C:F9:8E:82:AC:7B:75:AE:12:C1:86:32:55:4A:28:EA:6E	1
Jabber Local CA	0F:FB:60:9B:A3:24:48:E4:A1:79:2E:CF:42:FD:04:F9:73:3F:40:79	1
odit.ml	94:5F:E3:FC:3F:B0:3F:8E:F4:74:86:83:FD:C1:77:E2:AD:01:37:52	1
DFN-Verein Global Issuing CA	C9:DC:B0:47:AC:8C:5F:09:05:ED:77:52:8C:BD:4B:84:D9:46:3C:45	1
okvm.de	23:5A:52:C3:1C:FC:4B:79:8F:1F:D0:DB:05:00:CE:27:E7:27:82:43	1
funkyroot-ca	0B:8B:6E:54:FD:5B:8A:06:5E:59:63:A9:A3:2D:98:C9:BF:8C:89:38	1
Thawte RSA CA 2018	4D:EE:A7:06:0D:80:BA:BF:16:43:B4:E0:F0:10:4C:82:99:50:75:B7	1
SwissSign Server Silver CA 2014 - G22	55:BE:46:7A:A4:4B:F0:C1:5D:4B:CB:D0:6B:DC:A2:4B:BA:94:1E:13	1
Fake LE Intermediate X1	4E:EE:73:98:C1:A3:DA:F9:1D:A1:66:89:DB:82:43:92:7A:27:1B:9A	1
StartCom BR SSL ICA	37:7B:35:1C:CB:87:A4:F5:F1:D3:99:78:56:13:15:CD:46:0D:67:1A	1
germanyt366sirdc.onion	F9:99:F2:02:D8:59:87:C2:2C:FA:26:D0:BB:A4:FE:DC:65:09:D6:54	1
jabber.banuareload.com	60:89:FA:C7:76:C6:83:49:00:0F:AD:2E:E3:2B:26:5E:45:77:6E:6B	1
IT and Media-Services root CA	01:49:6A:42:71:5A:9A:37:CC:57:BE:E7:35:F1:2D:4F:08:B9:21:4D	1

Servers using <2048-bit RSA certificates which expires after 01-01-2014 0 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target	Type	When	Issuer

Servers with DNSSEC signed SRV records 65 results

Target	Type	When
404.city	client to server	2019-08-17T13:40:32+00:00
404.city	server to server	2019-08-15T05:38:50+00:00
5222.de	client to server	2019-08-19T14:18:32+00:00
5222.de	server to server	2019-08-19T14:20:01+00:00
a3.pm	client to server	2019-08-18T22:12:12+00:00
alternanet.fr	client to server	2019-08-18T06:36:13+00:00
blug.moe	client to server	2019-08-18T20:31:53+00:00
calyxinstitute.org	client to server	2019-08-16T01:12:23+00:00
dismail.de	client to server	2019-08-19T16:43:39+00:00
dismail.de	server to server	2019-08-19T14:26:47+00:00
draugr.de	client to server	2019-08-19T11:26:11+00:00
draugr.de	server to server	2019-08-15T19:06:13+00:00
eckmul.net	client to server	2019-08-20T13:08:43+00:00
eckmul.net	server to server	2019-08-20T13:20:27+00:00
gajim.org	server to server	2019-08-16T08:56:02+00:00
honigdachse.de	client to server	2019-08-18T13:06:52+00:00
iluha.de	client to server	2019-08-19T17:48:13+00:00
iluha.de	server to server	2019-08-19T17:48:20+00:00
invy.at	client to server	2019-08-19T11:33:25+00:00
invy.at	server to server	2019-08-18T21:01:28+00:00
jabb3r.org	client to server	2019-08-15T17:27:26+00:00
jabb3r.org	server to server	2019-08-15T17:26:02+00:00
jabber.at	client to server	2019-08-18T12:21:43+00:00
jabber.at	server to server	2019-08-19T15:30:59+00:00
jabber.briehl.de	client to server	2019-08-16T11:41:53+00:00
jabber.briehl.de	server to server	2019-08-16T11:37:58+00:00
jabber.calyxinstitute.org	client to server	2019-08-18T09:10:04+00:00
jabber.cat	server to server	2019-08-19T15:32:13+00:00
jabber.chaostreffbern.ch	client to server	2019-08-18T14:56:07+00:00
jabber.cheetah85.ovh	client to server	2019-08-18T17:54:51+00:00
jabber.cheetah85.ovh	server to server	2019-08-18T17:53:44+00:00
jabber.de	client to server	2019-08-19T14:13:24+00:00
jabber.de	server to server	2019-08-19T14:13:59+00:00
jabber.hot-chilli.net	client to server	2019-08-18T09:14:06+00:00
jabber.no-sense.net	client to server	2019-08-19T14:09:44+00:00
jabber.no-sense.net	server to server	2019-08-19T14:24:08+00:00
jabberpl.org	client to server	2019-08-19T15:19:06+00:00
jabber.systemli.org	client to server	2019-08-20T15:20:00+00:00
jabber.zone	client to server	2019-08-20T09:35:20+00:00
juick.com	server to server	2019-08-19T09:34:30+00:00
lightwitch.org	client to server	2019-08-20T13:31:41+00:00
magicbroccoli.de	client to server	2019-08-19T16:04:31+00:00
magicbroccoli.de	server to server	2019-08-19T15:36:23+00:00
mailbox.org	client to server	2019-08-17T09:29:56+00:00
mdosch.de	server to server	2019-08-19T14:27:19+00:00
mindspl.at	client to server	2019-08-14T08:14:43+00:00
nwschat.weather.gov	client to server	2019-08-15T12:31:49+00:00
ofus.world	client to server	2019-08-19T11:38:34+00:00
pimux.de	client to server	2019-08-14T16:44:17+00:00
pimux.de	server to server	2019-08-19T15:43:46+00:00
riseup.net	client to server	2019-08-20T15:18:20+00:00
simplewire.de	client to server	2019-08-19T18:52:55+00:00
snopyta.org	server to server	2019-08-17T09:27:33+00:00
stusta.mhn.de	server to server	2019-08-14T06:59:00+00:00
trashserver.net	client to server	2019-08-15T19:06:37+00:00
trashserver.net	server to server	2019-08-15T19:16:45+00:00
ubuntu-jabber.net	client to server	2019-08-17T16:08:36+00:00
wiuwiu.de	client to server	2019-08-20T08:53:42+00:00
wiuwiu.de	server to server	2019-08-19T15:48:11+00:00
xmpp.co	client to server	2019-08-17T22:06:28+00:00
xmpp.is	client to server	2019-08-16T17:42:48+00:00
xmpp.lt	client to server	2019-08-17T09:37:27+00:00
xmpp.xyz	client to server	2019-08-14T02:20:52+00:00
zeroanarchy.com	client to server	2019-08-20T13:42:03+00:00
zeroanarchy.com	server to server	2019-08-20T13:25:08+00:00

Servers with DNSSEC signed DANE records 0 results

Target	Type	When

Servers with a hidden service 3 results

Target	Type	When
germanyt366sirdc.onion	client to server	2019-08-20T08:13:18+00:00
ijeeynrc6x2uy5ob.onion	client to server	2019-08-19T21:46:27+00:00
jabber.calyxinstitute.org	client to server	2019-08-18T09:10:04+00:00

Servers not offering encryption 1 results

Target	Type	When
peacock.mithrai.com	client to server	2019-08-16T17:36:41+00:00

Servers sharing private keys 18 results

Target	SHA256(SPKI)
core.mywire.org c2s	59:6F:18:C9:E8:27:CD:97:EF:86:51:61:06:D7:1E:34:7A:4B:9A:D5:4A:70:B6:04:10:DF:C1:98:EF:65:23:38
wallabag.hopto.org c2s	59:6F:18:C9:E8:27:CD:97:EF:86:51:61:06:D7:1E:34:7A:4B:9A:D5:4A:70:B6:04:10:DF:C1:98:EF:65:23:38
wallabag.hopto.org s2s	59:6F:18:C9:E8:27:CD:97:EF:86:51:61:06:D7:1E:34:7A:4B:9A:D5:4A:70:B6:04:10:DF:C1:98:EF:65:23:38
rimkus.it c2s	8D:98:E0:E1:4E:10:94:0E:5F:E2:97:AD:9D:8D:53:85:50:7A:74:0A:6D:E2:71:9C:51:43:02:7A:F7:5D:67:AE
rimkus.it s2s	8D:98:E0:E1:4E:10:94:0E:5F:E2:97:AD:9D:8D:53:85:50:7A:74:0A:6D:E2:71:9C:51:43:02:7A:F7:5D:67:AE
xmpp2.rimkus.it c2s	8D:98:E0:E1:4E:10:94:0E:5F:E2:97:AD:9D:8D:53:85:50:7A:74:0A:6D:E2:71:9C:51:43:02:7A:F7:5D:67:AE
xmpp2.rimkus.it s2s	8D:98:E0:E1:4E:10:94:0E:5F:E2:97:AD:9D:8D:53:85:50:7A:74:0A:6D:E2:71:9C:51:43:02:7A:F7:5D:67:AE
draugr.de c2s	A5:99:DE:DE:0A:3F:7E:A7:AD:BD:60:A4:DC:53:45:0F:1A:BC:80:4C:A7:F8:61:DE:B4:B8:23:D3:FB:7C:DF:9D
draugr.de s2s	A5:99:DE:DE:0A:3F:7E:A7:AD:BD:60:A4:DC:53:45:0F:1A:BC:80:4C:A7:F8:61:DE:B4:B8:23:D3:FB:7C:DF:9D
ubuntu-jabber.net c2s	A5:99:DE:DE:0A:3F:7E:A7:AD:BD:60:A4:DC:53:45:0F:1A:BC:80:4C:A7:F8:61:DE:B4:B8:23:D3:FB:7C:DF:9D
odit.ml c2s	C1:7C:04:DA:A8:21:74:DD:1E:59:23:83:15:3E:B5:5B:13:3F:BD:B3:31:00:5A:71:BF:9E:74:49:94:58:32:B2
www.odit.ml c2s	C1:7C:04:DA:A8:21:74:DD:1E:59:23:83:15:3E:B5:5B:13:3F:BD:B3:31:00:5A:71:BF:9E:74:49:94:58:32:B2
jabber.tinigin.ru c2s	C3:A4:83:8B:EB:8E:C2:FE:C2:AA:5C:98:0A:E7:60:F7:25:1B:66:CB:BE:3D:DB:4F:8E:66:1B:07:C2:3F:A4:FD
tinigin.ru c2s	C3:A4:83:8B:EB:8E:C2:FE:C2:AA:5C:98:0A:E7:60:F7:25:1B:66:CB:BE:3D:DB:4F:8E:66:1B:07:C2:3F:A4:FD
tinigin.ru s2s	C3:A4:83:8B:EB:8E:C2:FE:C2:AA:5C:98:0A:E7:60:F7:25:1B:66:CB:BE:3D:DB:4F:8E:66:1B:07:C2:3F:A4:FD
xmpp.co c2s	E3:51:DF:8B:09:F5:87:8C:A8:C5:75:6D:E1:88:1B:01:16:99:0D:5A:E0:8F:01:28:D2:1C:55:7A:21:8C:B1:DB
xmpp.is c2s	E3:51:DF:8B:09:F5:87:8C:A8:C5:75:6D:E1:88:1B:01:16:99:0D:5A:E0:8F:01:28:D2:1C:55:7A:21:8C:B1:DB
xmpp.xyz c2s	E3:51:DF:8B:09:F5:87:8C:A8:C5:75:6D:E1:88:1B:01:16:99:0D:5A:E0:8F:01:28:D2:1C:55:7A:21:8C:B1:DB