IM Observatory client report for jabber.chaotisch.net

Test started 2018-03-08 15:57:37 UTC .

Show server to server result | Permalink to this report | Retest

jabber.chaotisch.net:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
jabber.chaotisch.net:5222
StartTLS
ALLOWED

SASL

Pre-TLS
CRAM-MD5
DIGEST-MD5
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1
Post-TLS
CRAM-MD5
DIGEST-MD5
JIVE-SHAREDSECRET
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.jabber.chaotisch.net DNSSEC

Priority Weight Port Server
5 0 5222 jabber.chaotisch.net

TLSA records

Certificates

Subject
commonName
jabber.chaotisch.net
Details
Error: certificate has expired.
Signature algorithm
sha512WithRSAEncryption
Public key
2048 bit RSA
Valid from
2014-05-26 19:55:57 UTC
Valid to
2016-05-25 19:55:57 UTC
CRL
http://crl.cacert.org/class3-revoke.crl
OCSP
http://ocsp.cacert.org/
Valid for jabber.chaotisch.net
YES
DD:26:54:71:B7:6B:E3:13:57:CC:F4:46:95:0F:05:0A:ED:C4:D9:AA
Subject Alternative Names
DNSName
jabber.chaotisch.net Matches
XMPPAddr
jabber.chaotisch.net Matches
Subject
commonName
CAcert Class 3 Root
organizationalUnitName
http://www.CAcert.org
organizationName
CAcert Inc.
Details
Signature algorithm
md5WithRSAEncryption INSECURE
Public key
4096 bit RSA
Valid from
2005-10-14 07:36:55 UTC
Valid to
2033-03-28 07:36:55 UTC
OCSP
http://ocsp.CAcert.org/
DB:4C:42:69:07:3F:E9:C2:A3:7D:89:0A:5C:1B:18:C4:18:4E:2A:2D
Subject
commonName
CA Cert Signing Authority
emailAddress
support@cacert.org
organizationalUnitName
http://www.cacert.org
organizationName
Root CA
Details
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2003-03-30 12:29:49 UTC
Valid to
2033-03-29 12:29:49 UTC
CRL
http://crl.cacert.org/revoke.crl
OCSP
http://ocsp.cacert.org
DD:FC:DA:54:1E:75:77:AD:DC:A8:7E:88:27:A9:8A:50:60:32:52:A5
Subject
commonName
CA Cert Signing Authority
emailAddress
support@cacert.org
organizationalUnitName
http://www.cacert.org
organizationName
Root CA
Details
Warning: Certificate is unused.
Error: self signed certificate in certificate chain.
Signature algorithm
md5WithRSAEncryption INSECURE
Public key
4096 bit RSA
Valid from
2003-03-30 12:29:49 UTC
Valid to
2033-03-29 12:29:49 UTC
CRL
https://www.cacert.org/revoke.crl
13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: sect571r1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: sect571r1
DHE-DSS-AES128-GCM-SHA256 (0xa2) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-DSS-AES128-SHA256 (0x40) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DHE-DSS-AES128-SHA (0x32) 128 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: sect571r1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
EDH-DSS-DES-CBC3-SHA (0x13) WEAK 112 Yes Diffie-Hellman:
Group: RFC 2409 First Oakley Default Group
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

xmpp.net score

Want to show this result on your webpage? Add this:

<a href='https://xmpp.net/result.php?domain=jabber.chaotisch.net&amp;type=client'><img src='https://xmpp.net/badge.php?domain=jabber.chaotisch.net' alt='xmpp.net score' /></a>