IM Observatory client report for jabber.rootbash.com

Test started 2018-02-03 18:07:34 UTC .

Show server to server result | Permalink to this report | Retest

jabber.rootbash.com:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
jabber.rootbash.com:5222
StartTLS
ALLOWED

SASL

Pre-TLS
ANONYMOUS
CRAM-MD5
DIGEST-MD5
EXTERNAL
PLAIN
SCRAM-SHA-1
Post-TLS
ANONYMOUS
CRAM-MD5
DIGEST-MD5
EXTERNAL
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.jabber.rootbash.com NO DNSSEC

Priority Weight Port Server
0 0 5222 jabber.rootbash.com

TLSA records

Certificates

Subject
commonName
jabber.rootbash.com
organizationalUnitName
Domain Control Validated
organizationalUnitName
PositiveSSL
Details
Error: certificate has expired.
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2012-09-07 00:00:00 UTC
Valid to
2017-12-06 23:59:59 UTC
CRL
http://crl.comodoca.com/PositiveSSLCA2.crl
OCSP
http://ocsp.comodoca.com
Valid for jabber.rootbash.com
YES
C6:B3:93:79:6E:66:B3:54:E8:34:E4:D6:32:17:6C:3A:14:E3:37:39
Subject Alternative Names
DNSName
jabber.rootbash.com Matches
DNSName
www.jabber.rootbash.com
Subject
commonName
PositiveSSL CA 2
countryName
GB
localityName
Salford
organizationName
COMODO CA Limited
stateOrProvinceName
Greater Manchester
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2012-02-16 00:00:00 UTC
Valid to
2020-05-30 10:48:38 UTC
CRL
http://crl.usertrust.com/AddTrustExternalCARoot.crl
OCSP
http://ocsp.usertrust.com
94:80:7B:1C:78:8D:D2:FC:BE:19:C8:48:1C:E4:1C:FA:B8:A4:C1:7F
Subject
commonName
AddTrust External CA Root
countryName
SE
organizationalUnitName
AddTrust External TTP Network
organizationName
AddTrust AB
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: sect571r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: sect571r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: sect571r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=jabber.rootbash.com&amp;type=client'><img src='https://xmpp.net/badge.php?domain=jabber.rootbash.com' alt='xmpp.net score' /></a>