IM Observatory client report for nci.nih.gov

Test started 2018-06-16 20:03:48 UTC .

Show server to server result | Permalink to this report | Retest

nciuc-p093-v.nci.nih.gov:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
nciuc-p093-v.nci.nih.gov:5222
StartTLS
ALLOWED

SASL

Pre-TLS

None

Post-TLS
PLAIN

SRV records _xmpp-client._tcp.nci.nih.gov DNSSEC

Priority Weight Port Server
0 0 5222 nciuc-p093-v.nci.nih.gov

TLSA records

Certificates

Subject
commonName
nciuc-p161-p1.nci.nih.gov
countryName
US
localityName
Rockville
organizationalUnitName
CBIIT,
organizationName
National Cancer Institute
stateOrProvinceName
Maryland
Details
Error: unable to get local issuer certificate.
Error: unable to verify the first certificate.
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2017-12-01 00:00:00 UTC
Valid to
2019-12-06 12:00:00 UTC
CRL
http://crl4.digicert.com/ssca-sha2-g6.crl
OCSP
http://ocsp.digicert.com
Valid for nci.nih.gov
YES
3B:52:60:F4:82:B7:DB:34:9E:0D:36:D1:D2:2A:01:A2:E2:97:B6:13
Subject Alternative Names
DNSName
nciuc-p161-p1.nci.nih.gov
DNSName
cms-core1.nci.nih.gov
DNSName
cms-core2.nci.nih.gov
DNSName
cms-core3.nci.nih.gov
DNSName
nci.nih.gov Matches
Subject
commonName
DigiCert SHA2 Secure Server CA
countryName
US
organizationName
DigiCert Inc
Details
Signature algorithm
sha256WithRSAEncryption
Public key
2048 bit RSA
Valid from
2013-03-08 12:00:00 UTC
Valid to
2023-03-08 12:00:00 UTC
CRL
http://crl4.digicert.com/DigiCertGlobalRootCA.crl
OCSP
http://ocsp.digicert.com
1F:B8:6B:11:68:EC:74:31:54:06:2E:8C:9C:C5:B1:71:A4:B7:CC:B4
Subject
commonName
DigiCert Global Root CA
countryName
US
organizationalUnitName
www.digicert.com
organizationName
DigiCert Inc
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2006-11-10 00:00:00 UTC
Valid to
2031-11-10 00:00:00 UTC
A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: prime256v1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: prime256v1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=nci.nih.gov&amp;type=client'><img src='https://xmpp.net/badge.php?domain=nci.nih.gov' alt='xmpp.net score' /></a>