IM Observatory client report for xmpp.sys.kth.se

Test started 2019-01-05 16:50:47 UTC .

Show server to server result | Permalink to this report |

xmpp.sys.kth.se:5222

Certificate score:

100

Key exchange score:

Protocol score:

Cipher score:

Grade:

Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.

xmpp.sys.kth.se:5222

StartTLS: REQUIRED

SASL

Pre-TLS

Post-TLS

SRV records _xmpp-client._tcp.xmpp.sys.kth.se BOGUS DNSSEC

Priority	Weight	Port	Server

TLSA records

Certificates

Subject

commonName: openfire-1.sys.kth.se
countryName: SE
localityName: Stockholm
organizationalUnitName: ITA
organizationName: Kungliga Tekniska Högskolan

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2018-06-15 00:00:00 UTC

Valid to

2020-09-17 00:00:00 UTC

CRL

http://crl4.digicert.com/TERENASSLCA3.crl

OCSP

http://ocsp.digicert.com

Valid for xmpp.sys.kth.se

YES

FA:E6:E3:0A:54:98:09:16:D4:18:75:EB:9F:E4:50:69:16:C9:49:18

Subject Alternative Names

DNSName: openfire-1.sys.kth.se
DNSName: xmpp.sys.kth.se Matches

Subject

commonName: TERENA SSL CA 3
countryName: NL
localityName: Amsterdam
organizationName: TERENA
stateOrProvinceName: Noord-Holland

Details

Signature algorithm

sha256WithRSAEncryption

Public key

2048 bit RSA

Valid from

2014-11-18 12:00:00 UTC

Valid to

2024-11-18 12:00:00 UTC

CRL

http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl

OCSP

http://ocsp.digicert.com

77:B9:9B:B2:BD:75:22:E1:7E:C0:99:EA:71:77:51:6F:27:78:7C:AD

Subject

commonName: DigiCert Assured ID Root CA
countryName: US
organizationalUnitName: www.digicert.com
organizationName: DigiCert Inc

Details

Signature algorithm

sha1WithRSAEncryption

Public key

2048 bit RSA

Valid from

2006-11-10 00:00:00 UTC

Valid to

2031-11-10 00:00:00 UTC

05:63:B8:63:0D:62:D7:5A:BB:C8:AB:1E:4B:DF:B5:A8:99:B2:4D:43

Protocols

SSLv2	No
SSLv3	No
TLSv1	Yes
TLSv1.1	Yes
TLSv1.2	Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suite	Bitsize	Forward secrecy	Info
ECDHE-RSA-AES256-GCM-SHA384 (0xc030)	256	Yes	Curve: secp521r1
ECDHE-RSA-AES256-SHA384 (0xc028)	256	Yes	Curve: secp521r1
ECDHE-RSA-AES256-SHA (0xc014)	256	Yes	Curve: secp521r1
DHE-RSA-AES256-GCM-SHA384 (0x9f)	256	Yes	Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b)	256	Yes	Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024
DHE-RSA-AES256-SHA (0x39)	256	Yes	Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024
AES256-GCM-SHA384 (0x9d)	256	No	-
AES256-SHA256 (0x3d)	256	No	-
AES256-SHA (0x35)	256	No	-
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f)	128	Yes	Curve: secp521r1
ECDHE-RSA-AES128-SHA256 (0xc027)	128	Yes	Curve: secp521r1
ECDHE-RSA-AES128-SHA (0xc013)	128	Yes	Curve: secp521r1
DHE-RSA-AES128-GCM-SHA256 (0x9e)	128	Yes	Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67)	128	Yes	Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024
DHE-RSA-AES128-SHA (0x33)	128	Yes	Diffie-Hellman: Group: RFC 2409 First Oakley Default Group Bitsize: 1024
AES128-GCM-SHA256 (0x9c)	128	No	-
AES128-SHA256 (0x3c)	128	No	-
AES128-SHA (0x2f)	128	No	-

Badge

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=xmpp.sys.kth.se&amp;type=client'><img src='https://xmpp.net/badge.php?domain=xmpp.sys.kth.se' alt='xmpp.net score' /></a>

IM Observatory client report for xmpp.sys.kth.se

Score

xmpp.sys.kth.se:5222

General

xmpp.sys.kth.se:5222

SASL

Pre-TLS

Post-TLS

DNS

SRV records _xmpp-client._tcp.xmpp.sys.kth.se BOGUS DNSSEC

TLSA records

_5222._tcp.xmpp.sys.kth.se BOGUS DNSSEC

TLS

xmpp.sys.kth.se:5222

Certificates

#0 openfire-1.sys.kth.se

Subject

Details

Subject Alternative Names

#1 TERENA SSL CA 3

Subject

Details

#2 DigiCert Assured ID Root CA

Subject

Details

Protocols

Ciphers

Badge