IM Observatory server report for kth.se

Test started 2018-09-21 11:06:55 UTC .

Show client to server result | Permalink to this report | Retest

openfire-1.sys.kth.se:5269
Certificate is not trusted, grade capped to F. Ignoring trust: C.
Warning: Server allows RC4 when using TLS 1.1 and/or TLS 1.2. Grade capped to C.
Server supports SSL 3. Grade capped to B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
openfire-1.sys.kth.se:5269
StartTLS
ALLOWED

SRV records _xmpp-server._tcp.kth.se DNSSEC

Priority Weight Port Server
0 0 5269 openfire-1.sys.kth.se

TLSA records

Certificates

Subject
commonName
openfire-1.sys.kth.se
countryName
SE
localityName
Stockholm
organizationalUnitName
ITA
organizationName
Kungliga Tekniska Högskolan
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-06-15 00:00:00 UTC
Valid to
2020-09-17 00:00:00 UTC
CRL
http://crl4.digicert.com/TERENASSLCA3.crl
OCSP
http://ocsp.digicert.com
Valid for kth.se
NO
FA:E6:E3:0A:54:98:09:16:D4:18:75:EB:9F:E4:50:69:16:C9:49:18
Subject Alternative Names
DNSName
openfire-1.sys.kth.se
DNSName
xmpp.sys.kth.se
Subject
commonName
TERENA SSL CA 3
countryName
NL
localityName
Amsterdam
organizationName
TERENA
stateOrProvinceName
Noord-Holland
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-11-18 12:00:00 UTC
Valid to
2024-11-18 12:00:00 UTC
CRL
http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl
OCSP
http://ocsp.digicert.com
77:B9:9B:B2:BD:75:22:E1:7E:C0:99:EA:71:77:51:6F:27:78:7C:AD
Subject
commonName
DigiCert Assured ID Root CA
countryName
US
organizationalUnitName
www.digicert.com
organizationName
DigiCert Inc
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-10 00:00:00 UTC
Valid to
2031-11-10 00:00:00 UTC
05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43

Protocols

SSLv2 No
SSLv3 Yes
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: sect571r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: sect571r1
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: sect571r1
ECDHE-RSA-RC4-SHA (0xc011) 128 Yes Curve: sect571r1
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
RC4-MD5 (0x10080) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
RC4-SHA (0x5) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: sect571r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: Java sun.security.provider default 768-bit prime
Bitsize: 768
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=kth.se&amp;type=server'><img src='https://xmpp.net/badge.php?domain=kth.se' alt='xmpp.net score' /></a>