Detailed Monitoring Summary:

DNSSEC Summary
14,136,924 Zones
11,029,752 DNSSEC enabled zones
9,683,685 Zones use both KSKs and ZSKs
44 Zones are serving revoked keys
6,426,199 DNSSEC verified zones
9,386,512 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
RSA/SHA256 [RSASHA256]13,241,714
Reserved 01
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,037,392
RSA/SHA-1 [RSASHA1]17,081
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]5
DSA/SHA-1 [DSA]22
RSA/MD5 [RSAMD5]2
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]128,254
Unknown Algorithm460,826
Diffie-Hellman [DH]7
RSA/SHA512 [RSASHA512]219,330
Private [PRIVATEOID]1
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]70,624
DANE Summary
665,993 DANE enabled zones with TLSA records
743 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,599 PKIX based End Entity TLSA records (Cert Usage 1)
9,711 DANE based Trust Anchor TLSA records (Cert Usage 2)
252,435 DANE based End Entity TLSA records (Cert Usage 3)
327 Zones have deployed TLSA for Alternate SMTP (Port 2525)
1,302 Zones have deployed TLSA for IMAP (Port 143)
2,769 Zones have deployed TLSA for Secure IMAP (Port 993)
1,650 Zones have deployed TLSA for POP3 (Port 110)
3,803 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
96,766 Zones have deployed TLSA for SMTP (Port 25)
2,119 Zones have deployed TLSA for Secure POP3 (Port 995)
152,589 Zones have deployed TLSA for HTTPS (Port 443)
3,168 Zones have deployed TLSA for Secure SMTP (Port 465)