IM Observatory server report for im.uchicago.edu

Test started 2019-01-06 16:00:50 UTC .

Show client to server result | Permalink to this report |

im.uchicago.edu:5269
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
im.uchicago.edu:5269
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.im.uchicago.edu BOGUS DNSSEC

Priority Weight Port Server

TLSA records

Certificates

Subject
commonName
im.uchicago.edu
countryName
US
localityName
Chicago
organizationalUnitName
IT Services - Manual Enrollment
organizationName
University of Chicago
postalCode
60637
stateOrProvinceName
IL
streetAddress
5801 South Ellis Avenue
Details
Error: unable to get local issuer certificate.
Error: unable to verify the first certificate.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-07-30 00:00:00 UTC
Valid to
2020-07-29 23:59:59 UTC
CRL
http://crl.incommon-rsa.org/InCommonRSAServerCA.crl
OCSP
http://ocsp.usertrust.com
Valid for im.uchicago.edu
YES
A5:22:A1:C2:85:3E:19:F5:88:AA:D7:72:E6:FD:D1:CC:FB:4C:86:A5
Subject Alternative Names
DNSName
im.uchicago.edu Matches
Subject
commonName
InCommon RSA Server CA
countryName
US
localityName
Ann Arbor
organizationalUnitName
InCommon
organizationName
Internet2
stateOrProvinceName
MI
Details
Signature algorithm
sha384WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-10-06 00:00:00 UTC
Valid to
2024-10-05 23:59:59 UTC
CRL
http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
OCSP
http://ocsp.usertrust.com
F5:FB:01:DE:A6:E5:9C:A6:DD:05:70:54:F4:A3:FF:72:DD:E1:D5:C6
Subject
commonName
USERTrust RSA Certification Authority
countryName
US
localityName
Jersey City
organizationName
The USERTRUST Network
stateOrProvinceName
New Jersey
Details
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
CRL
http://crl.usertrust.com/AddTrustExternalCARoot.crl
OCSP
http://ocsp.usertrust.com
EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3
Subject
commonName
AddTrust External CA Root
countryName
SE
organizationalUnitName
AddTrust External TTP Network
organizationName
AddTrust AB
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=im.uchicago.edu&amp;type=server'><img src='https://xmpp.net/badge.php?domain=im.uchicago.edu' alt='xmpp.net score' /></a>