IM Observatory client report for jabber.crans.org

Test started 2018-07-17 10:47:28 UTC .

Show server to server result | Permalink to this report | Retest

xmpp.crans.org:5222
Certificate is not trusted, grade capped to F. Ignoring trust: B.
Server uses Diffie-Hellman parameters of < 2048 bits. Grade capped to B.
xmpp.crans.org:5222
Version
ejabberd 14.07
StartTLS
REQUIRED

SASL

Pre-TLS
DIGEST-MD5
PLAIN
SCRAM-SHA-1
Post-TLS
DIGEST-MD5
PLAIN
SCRAM-SHA-1

SRV records _xmpp-client._tcp.jabber.crans.org DNSSEC

Priority Weight Port Server
5 0 5222 xmpp.crans.org

TLSA records

Verified Usage Selector Match Data
NO domain-issued certificate full SHA-512
02:B4:3B:C1:B8:61:11:52:81:F3:B8:E7:38:49:18:70:48:D9:33:3F:29:98:3E:FA:5B:E6:6B:72:33:AC:3B:AB:00:FA:B6:34:52:CA:BC:8A:6F:ED:82:15:A1:D6:85:56:52:A3:6E:85:32:42:DE:39:79:1D:B3:4F:16:02:F5:BD

Certificates

Subject
commonName
xmpp.crans.org
countryName
FR
localityName
Cachan
organizationName
Details
Signature algorithm
sha512WithRSAEncryption
Public key
2048 bit RSA
Valid from
2018-01-09 10:35:47 UTC
Valid to
2020-01-09 10:35:47 UTC
CRL
http://crl.cacert.org/class3-revoke.crl
OCSP
http://ocsp.cacert.org/
Valid for jabber.crans.org
YES
A6:0E:70:69:F4:BB:83:87:95:ED:8A:B0:89:65:55:09:09:64:52:8C
Subject Alternative Names
DNSName
xmpp.crans.org
DNSName
jabber.crans.org Matches
Subject
commonName
CAcert Class 3 Root
organizationName
CAcert Inc.
organizationalUnitName
http://www.CAcert.org
Details
Error: self signed certificate in certificate chain.
Signature algorithm
sha256WithRSAEncryption
Public key
4096 bit RSA
Valid from
2011-05-23 17:48:02 UTC
Valid to
2021-05-20 17:48:02 UTC
OCSP
http://ocsp.CAcert.org/
AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE
Subject
commonName
CA Cert Signing Authority
emailAddress
support@cacert.org
organizationName
Root CA
organizationalUnitName
http://www.cacert.org
Details
Signature algorithm
md5WithRSAEncryption INSECURE
Public key
4096 bit RSA
Valid from
2003-03-30 12:29:49 UTC
Valid to
2033-03-29 12:29:49 UTC
CRL
https://www.cacert.org/revoke.crl
13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33

Protocols

SSLv2 No
SSLv3 No
TLSv1 Yes
TLSv1.1 Yes
TLSv1.2 Yes

Ciphers

Server does respect the client's cipher ordering.

Cipher suiteBitsizeForward secrecyInfo
ECDHE-RSA-AES256-GCM-SHA384 (0xc030) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA384 (0xc028) 256 Yes Curve: prime256v1
ECDHE-RSA-AES256-SHA (0xc014) 256 Yes Curve: prime256v1
DHE-RSA-AES256-GCM-SHA384 (0x9f) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-CAMELLIA256-SHA (0x88) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA256 (0x6b) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES256-SHA (0x39) 256 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES256-GCM-SHA384 (0x9d) 256 No -
CAMELLIA256-SHA (0x84) 256 No -
AES256-SHA256 (0x3d) 256 No -
AES256-SHA (0x35) 256 No -
ECDHE-RSA-AES128-GCM-SHA256 (0xc02f) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA256 (0xc027) 128 Yes Curve: prime256v1
ECDHE-RSA-AES128-SHA (0xc013) 128 Yes Curve: prime256v1
DHE-RSA-AES128-GCM-SHA256 (0x9e) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-SEED-SHA (0x9a) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA256 (0x67) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-CAMELLIA128-SHA (0x45) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DHE-RSA-AES128-SHA (0x33) 128 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
AES128-GCM-SHA256 (0x9c) 128 No -
SEED-SHA (0x96) 128 No -
CAMELLIA128-SHA (0x41) 128 No -
AES128-SHA256 (0x3c) 128 No -
AES128-SHA (0x2f) 128 No -
ECDHE-RSA-DES-CBC3-SHA (0xc012) WEAK 112 Yes Curve: prime256v1
EDH-RSA-DES-CBC3-SHA (0x16) WEAK 112 Yes Diffie-Hellman:
Group: RFC 5114 1024-bit MODP Group with 160-bit Prime Order Subgroup
Bitsize: 1024
DES-CBC3-SHA (0xa) WEAK 112 No -

Badge

IM observatory score

Want to show this result on your webpage? Add this:

<a href='https://check.messaging.one/result.php?domain=jabber.crans.org&amp;type=client'>
  <img src='https://check.messaging.one/badge.php?domain=jabber.crans.org' alt='IM observatory score' />
</a>