IM Observatory client report for xmpp.sys.kth.se

Test started 2020-11-27 17:53:30 UTC .

Show server to server result | Permalink to this report |

xmpp.sys.kth.se:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
xmpp.sys.kth.se:5222
StartTLS
REQUIRED

SASL

Pre-TLS
CRAM-MD5
PLAIN
Post-TLS
CRAM-MD5
PLAIN

SRV records _xmpp-client._tcp.xmpp.sys.kth.se NO DNSSEC

Priority Weight Port Server

TLSA records

Certificates

Subject
commonName
openfire-1.sys.kth.se
countryName
SE
localityName
Stockholm
organizationalUnitName
ITA
organizationName
Kungliga Tekniska högskolan
postalCode
11428
stateOrProvinceName
Stockholm
streetAddress
Brinellvägen 8
Details
Signature algorithm
sha384WithRSAEncryption
Public key
2048 bit RSA
Valid from
2020-04-07 00:00:00 UTC
Valid to
2021-04-07 23:59:59 UTC
CRL
http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
OCSP
http://GEANT.ocsp.sectigo.com
Valid for xmpp.sys.kth.se
YES
81:5B:8A:27:C4:4D:9A:A3:95:0E:E4:26:4E:87:06:5B:48:87:D6:FB
Subject Alternative Names
DNSName
openfire-1.sys.kth.se
DNSName
xmpp.sys.kth.se Matches
Subject
commonName
GEANT OV RSA CA 4
countryName
NL
organizationName
GEANT Vereniging
Details
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2020-02-18 00:00:00 UTC
Valid to
2033-05-01 23:59:59 UTC
CRL
http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
OCSP
http://ocsp.usertrust.com
C2:82:6E:26:6D:74:05:D3:4E:F8:97:62:63:6A:E4:B3:6E:86:CB:5E
Subject
commonName
USERTrust RSA Certification Authority
countryName
US
localityName
Jersey City
organizationName
The USERTRUST Network
stateOrProvinceName
New Jersey
Details
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2019-03-12 00:00:00 UTC
Valid to
2028-12-31 23:59:59 UTC
CRL
http://crl.comodoca.com/AAACertificateServices.crl
OCSP
http://ocsp.comodoca.com
D8:9E:3B:D4:3D:5D:90:9B:47:A1:89:77:AA:9D:5C:E3:6C:EE:18:4C
Subject
commonName
AAA Certificate Services
countryName
GB
localityName
Salford
organizationName
Comodo CA Limited
stateOrProvinceName
Greater Manchester
Details
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2004-01-01 00:00:00 UTC
Valid to
2028-12-31 23:59:59 UTC
CRL
http://crl.comodo.net/AAACertificateServices.crl
D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
Subject
commonName
USERTrust RSA Certification Authority
countryName
US
localityName
Jersey City
organizationName
The USERTRUST Network
stateOrProvinceName
New Jersey
Details
Warning: Certificate is unused.
Error: certificate has expired.
Signature algorithm
sha384WithRSAEncryption
Public key
4096 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
CRL
http://crl.usertrust.com/AddTrustExternalCARoot.crl
OCSP
http://ocsp.usertrust.com
EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3
Subject
commonName
AddTrust External CA Root
countryName
SE
organizationalUnitName
AddTrust External TTP Network
organizationName
AddTrust AB
Details
Warning: Certificate is unused.
Error: certificate has expired.
Signature algorithm
sha1WithRSAEncryption
Public key
2048 bit RSA
Valid from
2000-05-30 10:48:38 UTC
Valid to
2020-05-30 10:48:38 UTC
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: secp521r1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: secp521r1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=xmpp.sys.kth.se&amp;type=client'><img src='https://xmpp.net/badge.php?domain=xmpp.sys.kth.se' alt='xmpp.net score' /></a>