Detailed Monitoring Summary:

DNSSEC Summary
16,443,629 Zones
13,644,315 DNSSEC enabled zones
11,962,364 Zones use both KSKs and ZSKs
76 Zones are serving revoked keys
9,114,606 DNSSEC verified zones
11,511,341 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]154,216
Private [PRIVATEOID]1
RSA/SHA512 [RSASHA512]292,802
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]13
ECC/GOST [ECC-GOST]11
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,303,205
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]117,496
Unknown Algorithm1,560
RSA/SHA256 [RSASHA256]19,401,608
RSA/SHA-1 [RSASHA1]89,961
RSA/MD5 [RSAMD5]6
DSA/SHA-1 [DSA]57
DANE Summary
615,711 DANE enabled zones with TLSA records
441 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,703 PKIX based End Entity TLSA records (Cert Usage 1)
8,798 DANE based Trust Anchor TLSA records (Cert Usage 2)
305,304 DANE based End Entity TLSA records (Cert Usage 3)
110,824 Zones have deployed TLSA for SMTP (Port 25)
2,729 Zones have deployed TLSA for Secure IMAP (Port 993)
2,015 Zones have deployed TLSA for Secure POP3 (Port 995)
3,772 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
3,010 Zones have deployed TLSA for Secure SMTP (Port 465)
390 Zones have deployed TLSA for Alternate SMTP (Port 2525)
1,557 Zones have deployed TLSA for IMAP (Port 143)
1,538 Zones have deployed TLSA for POP3 (Port 110)
190,417 Zones have deployed TLSA for HTTPS (Port 443)