IM Observatory client report for gmail.com

xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt1.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt2.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt3.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

alt4.xmpp.l.google.com:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

SRV records _xmpp-client._tcp.gmail.com NO DNSSEC

Priority	Port	Server
5	5222	xmpp.l.google.com
20	5222	alt1.xmpp.l.google.com
20	5222	alt2.xmpp.l.google.com
20	5222	alt3.xmpp.l.google.com
20	5222	alt4.xmpp.l.google.com

TLSA records

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-01-29 14:58:00 UTC

Valid to

2019-04-23 14:58:00 UTC

CRL

OCSP

Valid for gmail.com

YES

88:9D:6F:12:71:B1:91:D6:33:A1:88:83:68:29:B0:BD:44:6C:E9:B2

Subject Alternative Names

DNSName: gmail.com Matches
DNSName: *.gmail.com

Subject

commonName: Google Internet Authority G3
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

http://crl.globalsign.net/root-r2.crl

EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

Subject

commonName: GlobalSign
organizationalUnitName: GlobalSign Root CA - R2
organizationName: GlobalSign

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-12-15 08:00:00 UTC

Valid to

2021-12-15 08:00:00 UTC

CRL

75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-01-29 14:58:00 UTC

Valid to

2019-04-23 14:58:00 UTC

CRL

OCSP

88:9D:6F:12:71:B1:91:D6:33:A1:88:83:68:29:B0:BD:44:6C:E9:B2

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Subject

commonName: Google Internet Authority G3
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

http://crl.globalsign.net/root-r2.crl

EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

Subject

commonName: GlobalSign
organizationalUnitName: GlobalSign Root CA - R2
organizationName: GlobalSign

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-12-15 08:00:00 UTC

Valid to

2021-12-15 08:00:00 UTC

CRL

75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-01-29 14:58:00 UTC

Valid to

2019-04-23 14:58:00 UTC

CRL

OCSP

88:9D:6F:12:71:B1:91:D6:33:A1:88:83:68:29:B0:BD:44:6C:E9:B2

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Subject

commonName: Google Internet Authority G3
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

http://crl.globalsign.net/root-r2.crl

EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

Subject

commonName: GlobalSign
organizationalUnitName: GlobalSign Root CA - R2
organizationName: GlobalSign

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-12-15 08:00:00 UTC

Valid to

2021-12-15 08:00:00 UTC

CRL

75:E0:AB:B6:13:85:12:27:1C:04:F8:5F:DD:DE:38:E4:B7:24:2E:FE

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-01-29 14:58:00 UTC

Valid to

2019-04-23 14:58:00 UTC

CRL

OCSP

88:9D:6F:12:71:B1:91:D6:33:A1:88:83:68:29:B0:BD:44:6C:E9:B2

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Subject

commonName: Google Internet Authority G3
countryName: US
organizationName: Google Trust Services

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2017-06-15 00:00:42 UTC

Valid to

2021-12-15 00:00:42 UTC

CRL

OCSP

EE:AC:BD:0C:B4:52:81:95:77:91:1E:1E:62:03:DB:26:2F:84:A3:18

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-

Certificates

Subject

commonName: gmail.com
countryName: US
localityName: Mountain View
organizationName: Google LLC
stateOrProvinceName: California

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2019-01-29 14:58:00 UTC

Valid to

2019-04-23 14:58:00 UTC

CRL

OCSP

88:9D:6F:12:71:B1:91:D6:33:A1:88:83:68:29:B0:BD:44:6C:E9:B2

Subject Alternative Names

DNSName: gmail.com
DNSName: *.gmail.com

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does not respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: prime256v1
AES128-GCM-SHA256 (0x9c)	128	No	-
AES256-GCM-SHA384 (0x9d)	256	No	-
AES128-SHA (0x2f)	128	No	-
AES256-SHA (0x35)	256	No	-
DES-CBC3-SHA (0xa) WEAK	112	No	-