Detailed Monitoring Summary:

DNSSEC Summary
13,640,127 Zones
11,482,066 DNSSEC enabled zones
10,205,427 Zones use both KSKs and ZSKs
46 Zones are serving revoked keys
7,850,950 DNSSEC verified zones
9,629,698 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
RSA/SHA512 [RSASHA512]300,807
DSA/SHA-1 [DSA]45
Private [PRIVATEOID]5
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]18
RSA/MD5 [RSAMD5]1
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]6,650,600
RSA/SHA256 [RSASHA256]16,033,985
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]116,746
RSA/SHA-1 [RSASHA1]79,536
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]166,034
ECC/GOST [ECC-GOST]13
Unknown Algorithm21,663
DANE Summary
677,064 DANE enabled zones with TLSA records
490 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,928 PKIX based End Entity TLSA records (Cert Usage 1)
9,501 DANE based Trust Anchor TLSA records (Cert Usage 2)
423,932 DANE based End Entity TLSA records (Cert Usage 3)
2,915 Zones have deployed TLSA for Secure IMAP (Port 993)
3,188 Zones have deployed TLSA for Secure SMTP (Port 465)
2,022 Zones have deployed TLSA for Secure POP3 (Port 995)
1,338 Zones have deployed TLSA for POP3 (Port 110)
4,162 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
220,327 Zones have deployed TLSA for HTTPS (Port 443)
1,868 Zones have deployed TLSA for IMAP (Port 143)
381 Zones have deployed TLSA for Alternate SMTP (Port 2525)
199,653 Zones have deployed TLSA for SMTP (Port 25)