Detailed Monitoring Summary:

DNSSEC Summary
13,887,311 Zones
11,639,101 DNSSEC enabled zones
10,173,151 Zones use both KSKs and ZSKs
106 Zones are serving revoked keys
7,592,326 DNSSEC verified zones
9,892,592 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]7,166,860
RSA/MD5 [RSAMD5]6
Private [PRIVATEOID]5
RSA/SHA256 [RSASHA256]15,690,621
ECC/GOST [ECC-GOST]15
RSA/SHA512 [RSASHA512]336,491
DSA/SHA-1 [DSA]60
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]25
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]196,037
Unknown Algorithm839
RSA/SHA-1 [RSASHA1]83,416
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]142,994
DANE Summary
647,376 DANE enabled zones with TLSA records
525 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,842 PKIX based End Entity TLSA records (Cert Usage 1)
9,018 DANE based Trust Anchor TLSA records (Cert Usage 2)
327,057 DANE based End Entity TLSA records (Cert Usage 3)
186,544 Zones have deployed TLSA for HTTPS (Port 443)
137,691 Zones have deployed TLSA for SMTP (Port 25)
1,799 Zones have deployed TLSA for Secure POP3 (Port 995)
1,733 Zones have deployed TLSA for IMAP (Port 143)
3,684 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
2,587 Zones have deployed TLSA for Secure IMAP (Port 993)
1,243 Zones have deployed TLSA for POP3 (Port 110)
2,810 Zones have deployed TLSA for Secure SMTP (Port 465)
354 Zones have deployed TLSA for Alternate SMTP (Port 2525)