IM Observatory client report for xmpp.sys.kth.se
Test started 2020-11-27 17:53:30 UTC .
Show server to server result | Permalink to this report |
Score
xmpp.sys.kth.se:5222
Grade:
F
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
General
xmpp.sys.kth.se:5222
- StartTLS
- REQUIRED
SASL
Pre-TLS
| CRAM-MD5 |
| PLAIN |
Post-TLS
| CRAM-MD5 |
| PLAIN |
DNS
SRV records _xmpp-client._tcp.xmpp.sys.kth.se NO DNSSEC
| Priority | Weight | Port | Server |
|---|
TLSA records
_5222._tcp.xmpp.sys.kth.se NO DNSSEC
TLS
xmpp.sys.kth.se:5222
Certificates
#0 openfire-1.sys.kth.se
Subject
- commonName
- openfire-1.sys.kth.se
- countryName
- SE
- localityName
- Stockholm
- organizationalUnitName
- ITA
- organizationName
- Kungliga Tekniska högskolan
- postalCode
- 11428
- stateOrProvinceName
- Stockholm
- streetAddress
- Brinellvägen 8
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2020-04-07 00:00:00 UTC
- Valid to
- 2021-04-07 23:59:59 UTC
- CRL
- http://GEANT.crl.sectigo.com/GEANTOVRSACA4.crl
- OCSP
- http://GEANT.ocsp.sectigo.com
- Valid for xmpp.sys.kth.se
- YES
81:5B:8A:27:C4:4D:9A:A3:95:0E:E4:26:4E:87:06:5B:48:87:D6:FB
Subject Alternative Names
- DNSName
- openfire-1.sys.kth.se
- DNSName
- xmpp.sys.kth.se Matches
#1 GEANT OV RSA CA 4
Subject
- commonName
- GEANT OV RSA CA 4
- countryName
- NL
- organizationName
- GEANT Vereniging
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2020-02-18 00:00:00 UTC
- Valid to
- 2033-05-01 23:59:59 UTC
- CRL
- http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl
- OCSP
- http://ocsp.usertrust.com
C2:82:6E:26:6D:74:05:D3:4E:F8:97:62:63:6A:E4:B3:6E:86:CB:5E
USERTrust RSA Certification Authority
Subject
- commonName
- USERTrust RSA Certification Authority
- countryName
- US
- localityName
- Jersey City
- organizationName
- The USERTRUST Network
- stateOrProvinceName
- New Jersey
Details
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2019-03-12 00:00:00 UTC
- Valid to
- 2028-12-31 23:59:59 UTC
- CRL
- http://crl.comodoca.com/AAACertificateServices.crl
- OCSP
- http://ocsp.comodoca.com
D8:9E:3B:D4:3D:5D:90:9B:47:A1:89:77:AA:9D:5C:E3:6C:EE:18:4C
AAA Certificate Services
Subject
- commonName
- AAA Certificate Services
- countryName
- GB
- localityName
- Salford
- organizationName
- Comodo CA Limited
- stateOrProvinceName
- Greater Manchester
Details
- Signature algorithm
- sha1WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2004-01-01 00:00:00 UTC
- Valid to
- 2028-12-31 23:59:59 UTC
- CRL
- http://crl.comodo.net/AAACertificateServices.crl
D1:EB:23:A4:6D:17:D6:8F:D9:25:64:C2:F1:F1:60:17:64:D8:E3:49
#2 USERTrust RSA Certification Authority
Subject
- commonName
- USERTrust RSA Certification Authority
- countryName
- US
- localityName
- Jersey City
- organizationName
- The USERTRUST Network
- stateOrProvinceName
- New Jersey
Details
Warning: Certificate is unused.
Error: certificate has expired.
- Signature algorithm
- sha384WithRSAEncryption
- Public key
- 4096 bit RSA
- Valid from
- 2000-05-30 10:48:38 UTC
- Valid to
- 2020-05-30 10:48:38 UTC
- CRL
- http://crl.usertrust.com/AddTrustExternalCARoot.crl
- OCSP
- http://ocsp.usertrust.com
EA:B0:40:68:9A:0D:80:5B:5D:6F:D6:54:FC:16:8C:FF:00:B7:8B:E3
#3 AddTrust External CA Root
Subject
- commonName
- AddTrust External CA Root
- countryName
- SE
- organizationalUnitName
- AddTrust External TTP Network
- organizationName
- AddTrust AB
Details
Warning: Certificate is unused.
Error: certificate has expired.
- Signature algorithm
- sha1WithRSAEncryption
- Public key
- 2048 bit RSA
- Valid from
- 2000-05-30 10:48:38 UTC
- Valid to
- 2020-05-30 10:48:38 UTC
02:FA:F3:E2:91:43:54:68:60:78:57:69:4D:F5:E4:5B:68:85:18:68
Protocols
| SSLv2 | No |
| SSLv3 | No |
| TLSv1 | Yes |
| TLSv1.1 | Yes |
| TLSv1.2 | Yes |
Ciphers
Server does respect the client's cipher ordering.
| Cipher suite | Bitsize | Forward secrecy | Info |
|---|---|---|---|
| ECDHE-RSA-AES256-GCM-SHA384 (0xc030) | 256 | Yes | Curve: secp521r1 |
| ECDHE-RSA-AES256-SHA384 (0xc028) | 256 | Yes | Curve: secp521r1 |
| ECDHE-RSA-AES256-SHA (0xc014) | 256 | Yes | Curve: secp521r1 |
| DHE-RSA-AES256-GCM-SHA384 (0x9f) | 256 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES256-SHA256 (0x6b) | 256 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES256-SHA (0x39) | 256 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| AES256-GCM-SHA384 (0x9d) | 256 | No | - |
| AES256-SHA256 (0x3d) | 256 | No | - |
| AES256-SHA (0x35) | 256 | No | - |
| ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) | 128 | Yes | Curve: secp521r1 |
| ECDHE-RSA-AES128-SHA256 (0xc027) | 128 | Yes | Curve: secp521r1 |
| ECDHE-RSA-AES128-SHA (0xc013) | 128 | Yes | Curve: secp521r1 |
| DHE-RSA-AES128-GCM-SHA256 (0x9e) | 128 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES128-SHA256 (0x67) | 128 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| DHE-RSA-AES128-SHA (0x33) | 128 | Yes |
Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024 |
| AES128-GCM-SHA256 (0x9c) | 128 | No | - |
| AES128-SHA256 (0x3c) | 128 | No | - |
| AES128-SHA (0x2f) | 128 | No | - |
Badge
Want to show this result on your webpage? Add this:
<a href='https://xmpp.net/result.php?domain=xmpp.sys.kth.se&type=client'><img src='https://xmpp.net/badge.php?domain=xmpp.sys.kth.se' alt='xmpp.net score' /></a>