IM Observatory client report for gmail.com

xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt1.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt2.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt3.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt4.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

SRV records _xmpp-client._tcp.gmail.com NO DNSSEC

Priority	Port	Server
5	5222	xmpp.l.google.com
20	5222	alt1.xmpp.l.google.com
20	5222	alt2.xmpp.l.google.com
20	5222	alt3.xmpp.l.google.com
20	5222	alt4.xmpp.l.google.com

TLSA records

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-12-10 08:41:52 UTC

Valid to

2020-03-03 08:41:52 UTC

CRL

OCSP

Valid for gmail.com

YES

2B:E5:9D:AD:EC:92:4E:E9:C1:B8:BE:ED:67:C5:AB:89:5F:22:C7:98

Subject Alternative Names

DNSName: gmail.com Matches
DNSName: *.gmail.com

Subject

commonName: GTS CA 1O1
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

http://crl.globalsign.net/root-r2.crl

DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

Subject

commonName: GlobalSign
organizationalUnitName: GlobalSign Root CA - R2
organizationName: GlobalSign

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-12-15 08:00:00 UTC

Valid to

2021-12-15 08:00:00 UTC

CRL

75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-12-10 08:41:52 UTC

Valid to

2020-03-03 08:41:52 UTC

CRL

OCSP

2B:E5:9D:AD:EC:92:4E:E9:C1:B8:BE:ED:67:C5:AB:89:5F:22:C7:98

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Subject

commonName: GTS CA 1O1
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

http://crl.globalsign.net/root-r2.crl

DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

Subject

commonName: GlobalSign
organizationalUnitName: GlobalSign Root CA - R2
organizationName: GlobalSign

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-12-15 08:00:00 UTC

Valid to

2021-12-15 08:00:00 UTC

CRL

75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-12-03 14:47:31 UTC

Valid to

2020-02-25 14:47:31 UTC

CRL

OCSP

49:ED:0C:D1:95:C0:2B:45:59:8D:D3:5F:D4:22:CB:3A:B7:F8:B0:63

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Subject

commonName: GTS CA 1O1
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

http://crl.globalsign.net/root-r2.crl

DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

Subject

commonName: GlobalSign
organizationalUnitName: GlobalSign Root CA - R2
organizationName: GlobalSign

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-12-15 08:00:00 UTC

Valid to

2021-12-15 08:00:00 UTC

CRL

75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-12-03 14:47:31 UTC

Valid to

2020-02-25 14:47:31 UTC

CRL

OCSP

49:ED:0C:D1:95:C0:2B:45:59:8D:D3:5F:D4:22:CB:3A:B7:F8:B0:63

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Subject

commonName: GTS CA 1O1
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

DF:E2:07:0C:79:E7:FF:36:A9:25:FF:A3:27:FF:E3:DE:EC:F8:F9:C2

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-12-03 14:47:31 UTC

Valid to

2020-02-25 14:47:31 UTC

CRL

OCSP

49:ED:0C:D1:95:C0:2B:45:59:8D:D3:5F:D4:22:CB:3A:B7:F8:B0:63

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-