IM Observatory client report for fau.de

Test started 2018-09-16 17:30:41 UTC .

Show server to server result | Permalink to this report | Retest

jabber.rrze.uni-erlangen.de:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
jabber.rrze.uni-erlangen.de:5222
StartTLS
REQUIRED

SASL

Pre-TLS
CRAM-MD5
DIGEST-MD5
EXTERNAL
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1
Post-TLS
CRAM-MD5
DIGEST-MD5
EXTERNAL
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.fau.de DNSSEC

Priority Weight Port Server
0 0 5222 jabber.rrze.uni-erlangen.de

TLSA records

Certificates

Subject
commonName
jabber.rrze.uni-erlangen.de
countryName
DE
localityName
Erlangen
organizationalUnitName
RRZE
organizationName
Universitaet Erlangen-Nuernberg
stateOrProvinceName
Bayern
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2015-02-23 12:47:15 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://cdp2.pca.dfn.de/uni-erlangen-nuernberg-ca/pub/crl/cacrl.crl
OCSP
http://ocsp.pca.dfn.de/OCSP-Server/OCSP
Valid for fau.de
NO
39:DB:1C:99:92:C0:24:B7:F7:0F:36:FC:4C:61:A7:09:DA:C8:AE:96
Subject Alternative Names
DNSName
chat.fau.de
DNSName
chat.rrze.uni-erlangen.de
DNSName
chat.uni-erlangen.de
DNSName
conference.chat.uni-erlangen.de
DNSName
jabber.rrze.uni-erlangen.de
Subject
commonName
FAU-CA
countryName
DE
emailAddress
ca@rrze.uni-erlangen.de
localityName
Erlangen
organizationalUnitName
RRZE
organizationName
Universitaet Erlangen-Nuernberg
stateOrProvinceName
Bayern
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-05-27 14:56:37 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://cdp2.pca.dfn.de/global-root-ca/pub/crl/cacrl.crl
OCSP
http://ocsp.pca.dfn.de/OCSP-Server/OCSP
82:EF:BD:80:D3:47:4C:B8:BA:96:87:36:7F:6E:3C:6B:51:1E:70:F1
Subject
commonName
DFN-Verein PCA Global - G01
countryName
DE
organizationalUnitName
DFN-PKI
organizationName
DFN-Verein
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-07-22 12:08:26 UTC
Valid to
2019-07-09 23:59:00 UTC
CRL
http://pki0336.telesec.de/rl/DT_ROOT_CA_2.crl
OCSP
http://ocsp0336.telesec.de/ocspr
F4:C5:38:C3:BB:99:4F:13:F8:FD:C2:40:B6:79:A6:4B:19:34:A1:B5
Subject
commonName
Deutsche Telekom Root CA 2
countryName
DE
organizationalUnitName
T-TeleSec Trust Center
organizationName
Deutsche Telekom AG
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
1999-07-09 12:11:00 UTC
Valid to
2019-07-09 23:59:00 UTC
85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: secp521r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=fau.de&amp;type=client'><img src='https://xmpp.net/badge.php?domain=fau.de' alt='xmpp.net score' /></a>