Various reports of all servers tested

Report for december 2013 | Results of the last day | Results of the last week | Results of the last month

TLS versions 79 results

SSL 2 1 1.3%
SSL 3 5 6.3%
TLS 1.0 66 83.5%
TLS 1.1 68 86.1%
TLS 1.2 78 98.7%

Grades 79 results

A 70 88.6%
B 6 7.6%
C 2 2.5%
D 0 0%
E 0 0%
F 1 1.3%
Does not penalize untrusted certificates.

RSA key sizes for domain certificates

RSA key size Count
1024 2 2.8%
2048 32 45.1%
4096 37 52.1%

StartTLS

Type Client to server Server to server
Required 41 93.2% 25 71.4%
Allowed 3 6.8% 10 28.6%

Trust

To do authenticated encryption, a certificate needs to be both trusted and valid. Trusted means it is issued by a well-known CA and valid means it is valid for the domain we want to connect to.

Trusted Untrusted
Valid 67 80.7% 10 12%
Invalid 5 6% 1 1.2%

SASL mechanisms 44 results

Mechanism # times offered before TLS # times offered after TLS
PLAIN 6 13.6% 44 100%
SCRAM-SHA-1 3 6.8% 33 75%
SCRAM-SHA-1-PLUS 0 0% 17 38.6%
X-OAUTH2 2 4.5% 17 38.6%
DIGEST-MD5 3 6.8% 7 15.9%
WEBEX-TOKEN 0 0% 1 2.3%

Servers supporting SSL 3, but not TLS 1.0 0 results

SSL 3 and TLS 1.0 are very similar, but TLS 1.0 has some small improvements. This table is meant to help judge whether SSL 3 can be disabled by listing the servers that do support SSL 3, but not TLS 1.0.

Target Type When

Servers supporting SSL 2 1 results

SSL 2 is broken and insecure. It is not required for compatibility and servers should disable it.

Target Type When
yurib.mooo.com client to server

CAs used Top 30

Name/Organization SHA1 Count

Servers using <2048-bit RSA certificates which expires after 01-01-2014 0 results

As described in the CA/Browser Forum Baseline Requirements, certificates with RSA keys with less than 2048 bits should not be issued with an notAfter date after 31-12-2013. This list lists all certificates which violate that rule.

Target Type When Issuer

Servers with DNSSEC signed SRV records 37 results

Target Type When
0x04.net server to server
alainwolf.ch client to server
alainwolf.ch server to server
alpha-lab.de.jsxc.ch client to server
alpha-lab.de.jsxc.ch server to server
alstercom.de server to server
birkenwald.de server to server
chaoslab.org client to server
crabdance-ca.jsxc.ch client to server
crabdance-ca.jsxc.ch server to server
dotplex.de server to server
dvo.ru client to server
ejpcmac.net client to server
firegore.com server to server
gajim.org client to server
jab.cyberguerrilla.org client to server
jabber.fi client to server
jabber.greenhost.nl server to server
legaillart.fr client to server
netfuture.ch client to server
netlabwork.us client to server
netlabwork.us server to server
pouet.ovh server to server
ramos.link client to server
soderparr.com server to server
suchat.org client to server
suchat.org server to server
tbcloud.jsxc.ch client to server
tbcloud.jsxc.ch server to server
therudes.com client to server
thfree.ru client to server
urown.net client to server
urown.net server to server
wiuwiu.de client to server
wizardtales.com client to server
xmpp.chth.eu client to server
xmpp.chth.eu server to server

Servers with DNSSEC signed DANE records 14 results

Target Type When
alainwolf.ch client to server
alainwolf.ch server to server
alstercom.de server to server
dotplex.de server to server
ramos.link client to server
soderparr.com server to server
suchat.org client to server
suchat.org server to server
therudes.com client to server
thfree.ru client to server
urown.net client to server
urown.net server to server
wiuwiu.de client to server
xmpp.chth.eu server to server

Servers with a hidden service 0 results

Target Type When

Servers not offering encryption 2 results

Target Type When
202.131.106.58 server to server
au.redbull.com server to server

Servers sharing private keys 3 results

Target SHA256(SPKI)
c0d3.blue s2s C2:78:05:0E:DD:46:59:F9:0F:3E:1D:59:F4:90:CE:97:97:58:DF:63:75:82:FA:8B:31:D8:83:3A:8B:5B:29:05
universe-factory.net c2s C2:78:05:0E:DD:46:59:F9:0F:3E:1D:59:F4:90:CE:97:97:58:DF:63:75:82:FA:8B:31:D8:83:3A:8B:5B:29:05
universe-factory.net s2s C2:78:05:0E:DD:46:59:F9:0F:3E:1D:59:F4:90:CE:97:97:58:DF:63:75:82:FA:8B:31:D8:83:3A:8B:5B:29:05