Detailed Monitoring Summary:

DNSSEC Summary
14,439,363 Zones
11,353,086 DNSSEC enabled zones
9,962,942 Zones use both KSKs and ZSKs
40 Zones are serving revoked keys
6,647,981 DNSSEC verified zones
9,875,905 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
Unknown Algorithm549,357
RSA/SHA-1 [RSASHA1]17,326
RSA/SHA256 [RSASHA256]13,590,916
RSA/MD5 [RSAMD5]2
ECC/GOST [ECC-GOST]1
Private [PRIVATEOID]1
DSA/SHA-1 [DSA]24
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]5
RSA/SHA512 [RSASHA512]220,106
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,378,048
Diffie-Hellman [DH]5
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]69,911
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]134,020
Reserved 01
DANE Summary
675,921 DANE enabled zones with TLSA records
754 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,625 PKIX based End Entity TLSA records (Cert Usage 1)
10,216 DANE based Trust Anchor TLSA records (Cert Usage 2)
257,162 DANE based End Entity TLSA records (Cert Usage 3)
1,343 Zones have deployed TLSA for IMAP (Port 143)
3,361 Zones have deployed TLSA for Secure SMTP (Port 465)
4,023 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
2,237 Zones have deployed TLSA for Secure POP3 (Port 995)
155,298 Zones have deployed TLSA for HTTPS (Port 443)
98,508 Zones have deployed TLSA for SMTP (Port 25)
330 Zones have deployed TLSA for Alternate SMTP (Port 2525)
2,933 Zones have deployed TLSA for Secure IMAP (Port 993)
1,728 Zones have deployed TLSA for POP3 (Port 110)