Detailed Monitoring Summary:

DNSSEC Summary
15,898,707 Zones
12,631,773 DNSSEC enabled zones
10,951,070 Zones use both KSKs and ZSKs
79 Zones are serving revoked keys
7,841,164 DNSSEC verified zones
10,987,641 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
Diffie-Hellman [DH]3
Unknown Algorithm172,718
RSA/SHA512 [RSASHA512]269,246
Private [PRIVATEOID]1
RSA/MD5 [RSAMD5]7
DSA/SHA-1 [DSA]46
ECC/GOST [ECC-GOST]6
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]103,780
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,697,409
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]13
RSA/SHA256 [RSASHA256]16,222,130
RSA/SHA-1 [RSASHA1]46,583
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]149,553
DANE Summary
729,282 DANE enabled zones with TLSA records
501 PKIX based Trust Anchor TLSA records (Cert Usage 0)
2,031 PKIX based End Entity TLSA records (Cert Usage 1)
11,780 DANE based Trust Anchor TLSA records (Cert Usage 2)
330,732 DANE based End Entity TLSA records (Cert Usage 3)
2,052 Zones have deployed TLSA for POP3 (Port 110)
4,663 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
210,961 Zones have deployed TLSA for HTTPS (Port 443)
115,270 Zones have deployed TLSA for SMTP (Port 25)
1,792 Zones have deployed TLSA for IMAP (Port 143)
2,558 Zones have deployed TLSA for Secure POP3 (Port 995)
3,831 Zones have deployed TLSA for Secure SMTP (Port 465)
3,450 Zones have deployed TLSA for Secure IMAP (Port 993)
473 Zones have deployed TLSA for Alternate SMTP (Port 2525)