UPDATE: Certificates are expired and many browsers have upped their DH requirements after the Logjam vuln. I may restore this test at some point if there is demand.
Some checks for browser capabilities regarding Diffie-Hellman key exchange. In the table below, images are included from various subdomains that use different Diffie-Hellman parameters. If you see an image the connection succeeded, if you see an X or some other error symbol from your browser the connection failed.
Tests requires Server Name Indication (SNI), all current browsers support that, some older ones don't. For the DSA tests you need to import the root cert from CAcert.org.
Results so far:
Some more background in my blog and I wrote a german article for Golem.de.
|8 Bit, "prime" 15|
|1024 Bit, no prime|
This test was created by Hanno Böck.