IM Observatory client report for iris.chat

Test started 2019-01-07 20:44:08 UTC .

Show server to server result | Permalink to this report |

iris.chat:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
iris.chat:5222
StartTLS
ALLOWED

SASL

Pre-TLS
CRAM-MD5
DIGEST-MD5
PLAIN
SCRAM-SHA-1
Post-TLS
CRAM-MD5
DIGEST-MD5
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.iris.chat BOGUS DNSSEC

Priority Weight Port Server

TLSA records

Certificates

Subject
commonName
iris.chat
Details
Error: unable to get local issuer certificate.
Error: unable to verify the first certificate.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-07-03 00:00:00 UTC
Valid to
2019-07-03 12:00:00 UTC
CRL
http://cdp.rapidssl.com/RapidSSLRSACA2018.crl
OCSP
http://status.rapidssl.com
Valid for iris.chat
YES
1F:E9:63:43:55:93:4A:AE:A0:CF:B1:BF:2B:9D:02:ED:60:12:24:8F
Subject Alternative Names
DNSName
iris.chat Matches
DNSName
www.iris.chat
Subject
commonName
RapidSSL RSA CA 2018
countryName
US
organizationalUnitName
www.digicert.com
organizationName
DigiCert Inc
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-11-06 12:23:33 UTC
Valid to
2027-11-06 12:23:33 UTC
CRL
http://crl3.digicert.com/DigiCertGlobalRootCA.crl
OCSP
http://ocsp.digicert.com
98:C6:A8:DC:88:79:63:BA:3C:F9:C2:73:1C:BD:D3:F7:DE:05:AC:2D
Subject
commonName
DigiCert Global Root CA
countryName
US
organizationalUnitName
www.digicert.com
organizationName
DigiCert Inc
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-10 00:00:00 UTC
Valid to
2031-11-10 00:00:00 UTC
A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: sect571r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: sect571r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: sect571r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=iris.chat&amp;type=client'><img src='https://xmpp.net/badge.php?domain=iris.chat' alt='xmpp.net score' /></a>