Detailed Monitoring Summary:

DNSSEC Summary
15,365,265 Zones
12,846,868 DNSSEC enabled zones
11,295,382 Zones use both KSKs and ZSKs
113 Zones are serving revoked keys
8,692,376 DNSSEC verified zones
10,734,467 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]7,200,208
RSA/MD5 [RSAMD5]6
ECC/GOST [ECC-GOST]10
RSA/SHA-1 [RSASHA1]88,948
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]126,277
DSA/SHA-1 [DSA]54
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]173,074
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]19
Unknown Algorithm213,592
RSA/SHA512 [RSASHA512]310,972
RSA/SHA256 [RSASHA256]17,911,988
Private [PRIVATEOID]2
DANE Summary
696,320 DANE enabled zones with TLSA records
492 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,998 PKIX based End Entity TLSA records (Cert Usage 1)
9,959 DANE based Trust Anchor TLSA records (Cert Usage 2)
450,476 DANE based End Entity TLSA records (Cert Usage 3)
3,443 Zones have deployed TLSA for Secure SMTP (Port 465)
1,451 Zones have deployed TLSA for POP3 (Port 110)
237,435 Zones have deployed TLSA for HTTPS (Port 443)
4,491 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
208,336 Zones have deployed TLSA for SMTP (Port 25)
3,128 Zones have deployed TLSA for Secure IMAP (Port 993)
2,032 Zones have deployed TLSA for IMAP (Port 143)
421 Zones have deployed TLSA for Alternate SMTP (Port 2525)
2,193 Zones have deployed TLSA for Secure POP3 (Port 995)