IM Observatory client report for jit.si

Test started 2018-09-16 14:13:33 UTC .

Show server to server result | Permalink to this report | Retest

xmpp.jit.si:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
xmpp.jit.si:5222
StartTLS
REQUIRED

SASL

Pre-TLS
CRAM-MD5
DIGEST-MD5
PLAIN
Post-TLS
CRAM-MD5
DIGEST-MD5
PLAIN

SRV records _xmpp-client._tcp.jit.si NO DNSSEC

Priority Weight Port Server
35 0 5222 xmpp.jit.si

TLSA records

Certificates

Subject
commonName
jit.si
organizationalUnitName
Domain Control Validated
Details
Error: certificate has expired.
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2014-11-07 14:37:49 UTC
Valid to
2016-08-21 13:03:18 UTC
CRL
http://crl.godaddy.com/gdig2s1-87.crl
OCSP
http://ocsp.godaddy.com/
Valid for jit.si
YES
26:C6:31:B7:CA:3C:2B:83:83:DB:E1:32:26:01:04:43:62:2C:13:BB
Subject Alternative Names
DNSName
jit.si Matches
DNSName
www.jit.si
Subject
commonName
Go Daddy Secure Certificate Authority - G2
countryName
US
localityName
Scottsdale
organizationalUnitName
http://certs.godaddy.com/repository/
organizationName
GoDaddy.com, Inc.
stateOrProvinceName
Arizona
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2011-05-03 07:00:00 UTC
Valid to
2031-05-03 07:00:00 UTC
CRL
http://crl.godaddy.com/gdroot-g2.crl
OCSP
http://ocsp.godaddy.com/
27:AC:93:69:FA:F2:52:07:BB:26:27:CE:FA:CC:BE:4E:F9:C3:19:B8
Subject
commonName
Go Daddy Root Certificate Authority - G2
countryName
US
localityName
Scottsdale
organizationName
GoDaddy.com, Inc.
stateOrProvinceName
Arizona
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-01-01 07:00:00 UTC
Valid to
2031-05-30 07:00:00 UTC
CRL
http://crl.godaddy.com/gdroot.crl
OCSP
http://ocsp.godaddy.com/
34:0B:28:80:F4:46:FC:C0:4E:59:ED:33:F5:2B:3D:08:D6:24:29:64
Subject
countryName
US
organizationalUnitName
Go Daddy Class 2 Certification Authority
organizationName
The Go Daddy Group, Inc.
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2004-06-29 17:06:20 UTC
Valid to
2034-06-29 17:06:20 UTC
27:96:BA:E6:3F:18:01:E2:77:26:1B:A0:D7:77:70:02:8F:20:EE:E4

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: sect571r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: sect571r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: sect571r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=jit.si&amp;type=client'><img src='https://xmpp.net/badge.php?domain=jit.si' alt='xmpp.net score' /></a>