IM Observatory client report for ietf.org

Test started 2018-12-11 10:48:57 UTC .

Show server to server result | Permalink to this report | Retest

ietf.org:5222
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
ietf.org:5222
StartTLS
ALLOWED

SASL

Pre-TLS
DIGEST-MD5
PLAIN
SCRAM-SHA-1
X-OAUTH2
Post-TLS
DIGEST-MD5
PLAIN
SCRAM-SHA-1
X-OAUTH2

SRV records _xmpp-client._tcp.ietf.org BOGUS DNSSEC

Priority Weight Port Server

TLSA records

Certificates

Subject
commonName
*.ietf.org
organizationalUnitName
Domain Control Validated
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-06-12 15:44:12 UTC
Valid to
2019-08-11 23:12:50 UTC
CRL
http://crl.starfieldtech.com/sfig2s1-108.crl
OCSP
http://ocsp.starfieldtech.com/
Valid for ietf.org
YES
1C:B9:6B:BB:3E:CB:0D:11:6A:E7:89:08:91:CC:59:25:42:B8:39:F3
Subject Alternative Names
DNSName
*.ietf.org
DNSName
ietf.org Matches
Subject
commonName
Starfield Secure Certificate Authority - G2
countryName
US
localityName
Scottsdale
organizationalUnitName
http://certs.starfieldtech.com/repository/
organizationName
Starfield Technologies, Inc.
stateOrProvinceName
Arizona
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2011-05-03 07:00:00 UTC
Valid to
2031-05-03 07:00:00 UTC
CRL
http://crl.starfieldtech.com/sfroot-g2.crl
OCSP
http://ocsp.starfieldtech.com/
7E:DC:37:6D:CF:D4:5E:6D:DF:08:2C:16:0D:F6:AC:21:83:5B:95:D4
Subject
commonName
Starfield Root Certificate Authority - G2
countryName
US
localityName
Scottsdale
organizationName
Starfield Technologies, Inc.
stateOrProvinceName
Arizona
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-01-01 07:00:00 UTC
Valid to
2031-05-30 07:00:00 UTC
CRL
http://crl.starfieldtech.com/sfroot.crl
OCSP
http://ocsp.starfieldtech.com/
95:65:B7:78:C8:A5:0E:B4:FE:FD:45:C8:A6:58:DD:E2:41:1E:AD:0A
Subject
countryName
US
organizationalUnitName
Starfield Class 2 Certification Authority
organizationName
Starfield Technologies, Inc.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2004-06-29 17:39:16 UTC
Valid to
2034-06-29 17:39:16 UTC
AD:7E:1C:28:B0:64:EF:8F:60:03:40:20:14:C3:D0:E3:37:0E:B5:8A

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-CAMELLIA256-SHA (0x88) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
CAMELLIA256-SHA (0x84) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-SEED-SHA (0x9a) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-CAMELLIA128-SHA (0x45) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
SEED-SHA (0x96) 128 No -
CAMELLIA128-SHA (0x41) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: prime256v1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=ietf.org&amp;type=client'><img src='https://xmpp.net/badge.php?domain=ietf.org' alt='xmpp.net score' /></a>