Detailed Monitoring Summary:

DNSSEC Summary
17,473,712 Zones
13,624,507 DNSSEC enabled zones
11,809,615 Zones use both KSKs and ZSKs
55 Zones are serving revoked keys
7,452,716 DNSSEC verified zones
11,788,067 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
Reserved 01
RSA/SHA-1 [RSASHA1]23,024
Diffie-Hellman [DH]5
ECC/GOST [ECC-GOST]6
RSA/SHA512 [RSASHA512]241,627
Unknown Algorithm747,879
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]146,295
Reserved 2551
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]11
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]10,657,324
DSA/SHA-1 [DSA]43
RSA/SHA256 [RSASHA256]15,388,095
RSA/MD5 [RSAMD5]9
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]86,746
DANE Summary
680,979 DANE enabled zones with TLSA records
765 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,639 PKIX based End Entity TLSA records (Cert Usage 1)
11,230 DANE based Trust Anchor TLSA records (Cert Usage 2)
259,980 DANE based End Entity TLSA records (Cert Usage 3)
3,744 Zones have deployed TLSA for Secure SMTP (Port 465)
1,851 Zones have deployed TLSA for POP3 (Port 110)
2,417 Zones have deployed TLSA for Secure POP3 (Port 995)
157,487 Zones have deployed TLSA for HTTPS (Port 443)
3,176 Zones have deployed TLSA for Secure IMAP (Port 993)
98,850 Zones have deployed TLSA for SMTP (Port 25)
335 Zones have deployed TLSA for Alternate SMTP (Port 2525)
1,361 Zones have deployed TLSA for IMAP (Port 143)
4,396 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)