Detailed Monitoring Summary:

DNSSEC Summary
16,353,213 Zones
13,637,447 DNSSEC enabled zones
11,975,737 Zones use both KSKs and ZSKs
80 Zones are serving revoked keys
9,116,881 DNSSEC verified zones
11,323,672 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]114,264
RSA/SHA512 [RSASHA512]295,869
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]153,951
ECC/GOST [ECC-GOST]12
DSA/SHA-1 [DSA]56
RSA/SHA256 [RSASHA256]19,084,962
RSA/SHA-1 [RSASHA1]88,258
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]7,913,750
RSA/MD5 [RSAMD5]8
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]16
Unknown Algorithm1,519
Private [PRIVATEOID]1
DANE Summary
614,001 DANE enabled zones with TLSA records
441 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,697 PKIX based End Entity TLSA records (Cert Usage 1)
8,300 DANE based Trust Anchor TLSA records (Cert Usage 2)
312,291 DANE based End Entity TLSA records (Cert Usage 3)
1,297 Zones have deployed TLSA for POP3 (Port 110)
112,502 Zones have deployed TLSA for SMTP (Port 25)
370 Zones have deployed TLSA for Alternate SMTP (Port 2525)
3,384 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
1,519 Zones have deployed TLSA for IMAP (Port 143)
2,467 Zones have deployed TLSA for Secure IMAP (Port 993)
1,766 Zones have deployed TLSA for Secure POP3 (Port 995)
196,727 Zones have deployed TLSA for HTTPS (Port 443)
2,704 Zones have deployed TLSA for Secure SMTP (Port 465)