Detailed Monitoring Summary:

DNSSEC Summary
16,757,941 Zones
12,942,918 DNSSEC enabled zones
11,163,678 Zones use both KSKs and ZSKs
56 Zones are serving revoked keys
7,123,248 DNSSEC verified zones
11,053,422 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
RSA/SHA256 [RSASHA256]14,839,788
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]86,790
RSA/MD5 [RSAMD5]7
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]9
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]9,643,023
Private [PRIVATEOID]1
RSA/SHA-1 [RSASHA1]22,956
ECC/GOST [ECC-GOST]6
DSA/SHA-1 [DSA]42
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]145,088
RSA/SHA512 [RSASHA512]247,646
Unknown Algorithm734,507
Reserved 01
Diffie-Hellman [DH]6
DANE Summary
680,158 DANE enabled zones with TLSA records
765 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,641 PKIX based End Entity TLSA records (Cert Usage 1)
10,751 DANE based Trust Anchor TLSA records (Cert Usage 2)
259,317 DANE based End Entity TLSA records (Cert Usage 3)
1,821 Zones have deployed TLSA for POP3 (Port 110)
3,493 Zones have deployed TLSA for Secure SMTP (Port 465)
4,154 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
98,358 Zones have deployed TLSA for SMTP (Port 25)
3,057 Zones have deployed TLSA for Secure IMAP (Port 993)
2,334 Zones have deployed TLSA for Secure POP3 (Port 995)
157,571 Zones have deployed TLSA for HTTPS (Port 443)
337 Zones have deployed TLSA for Alternate SMTP (Port 2525)
1,352 Zones have deployed TLSA for IMAP (Port 143)