Detailed Monitoring Summary:

DNSSEC Summary
17,312,152 Zones
13,468,666 DNSSEC enabled zones
11,663,700 Zones use both KSKs and ZSKs
54 Zones are serving revoked keys
7,404,607 DNSSEC verified zones
11,661,935 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
Reserved 01
Unknown Algorithm746,136
RSA/MD5 [RSAMD5]9
DSA/SHA-1 [DSA]43
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]10,364,947
RSA/SHA-1 [RSASHA1]23,029
RSA/SHA512 [RSASHA512]243,636
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]11
ECC/GOST [ECC-GOST]6
RSA/SHA256 [RSASHA256]15,300,524
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]86,920
Reserved 2551
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]146,176
Diffie-Hellman [DH]5
DANE Summary
680,987 DANE enabled zones with TLSA records
764 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,663 PKIX based End Entity TLSA records (Cert Usage 1)
11,014 DANE based Trust Anchor TLSA records (Cert Usage 2)
260,250 DANE based End Entity TLSA records (Cert Usage 3)
3,642 Zones have deployed TLSA for Secure SMTP (Port 465)
4,273 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
1,345 Zones have deployed TLSA for IMAP (Port 143)
1,831 Zones have deployed TLSA for POP3 (Port 110)
158,075 Zones have deployed TLSA for HTTPS (Port 443)
2,376 Zones have deployed TLSA for Secure POP3 (Port 995)
3,125 Zones have deployed TLSA for Secure IMAP (Port 993)
334 Zones have deployed TLSA for Alternate SMTP (Port 2525)
98,693 Zones have deployed TLSA for SMTP (Port 25)