Detailed Monitoring Summary:

DNSSEC Summary
16,337,675 Zones
13,394,080 DNSSEC enabled zones
11,665,415 Zones use both KSKs and ZSKs
82 Zones are serving revoked keys
8,782,857 DNSSEC verified zones
11,503,288 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
RSA/SHA512 [RSASHA512]289,431
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,724,024
RSA/SHA-1 [RSASHA1]94,981
DSA/SHA-1 [DSA]52
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]15
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]154,271
RSA/SHA256 [RSASHA256]18,978,682
Diffie-Hellman [DH]1
Private [PRIVATEOID]1
RSA/MD5 [RSAMD5]7
ECC/GOST [ECC-GOST]11
Unknown Algorithm19,827
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]112,159
DANE Summary
705,823 DANE enabled zones with TLSA records
447 PKIX based Trust Anchor TLSA records (Cert Usage 0)
2,122 PKIX based End Entity TLSA records (Cert Usage 1)
9,164 DANE based Trust Anchor TLSA records (Cert Usage 2)
326,247 DANE based End Entity TLSA records (Cert Usage 3)
202,909 Zones have deployed TLSA for HTTPS (Port 443)
1,653 Zones have deployed TLSA for IMAP (Port 143)
1,816 Zones have deployed TLSA for POP3 (Port 110)
3,398 Zones have deployed TLSA for Secure SMTP (Port 465)
3,076 Zones have deployed TLSA for Secure IMAP (Port 993)
412 Zones have deployed TLSA for Alternate SMTP (Port 2525)
2,310 Zones have deployed TLSA for Secure POP3 (Port 995)
4,177 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
118,235 Zones have deployed TLSA for SMTP (Port 25)