Detailed Monitoring Summary:

DNSSEC Summary
15,158,987 Zones
12,833,417 DNSSEC enabled zones
11,280,762 Zones use both KSKs and ZSKs
85 Zones are serving revoked keys
8,541,315 DNSSEC verified zones
10,570,126 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
Unknown Algorithm333,151
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]20
Private [PRIVATEOID]5
RSA/MD5 [RSAMD5]6
RSA/SHA-1 [RSASHA1]88,058
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]7,272,733
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]175,918
RSA/SHA256 [RSASHA256]17,799,459
ECC/GOST [ECC-GOST]14
RSA/SHA512 [RSASHA512]319,738
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]133,555
DSA/SHA-1 [DSA]58
DANE Summary
688,440 DANE enabled zones with TLSA records
501 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,985 PKIX based End Entity TLSA records (Cert Usage 1)
9,957 DANE based Trust Anchor TLSA records (Cert Usage 2)
440,249 DANE based End Entity TLSA records (Cert Usage 3)
3,098 Zones have deployed TLSA for Secure IMAP (Port 993)
1,984 Zones have deployed TLSA for IMAP (Port 143)
1,420 Zones have deployed TLSA for POP3 (Port 110)
413 Zones have deployed TLSA for Alternate SMTP (Port 2525)
235,536 Zones have deployed TLSA for HTTPS (Port 443)
2,172 Zones have deployed TLSA for Secure POP3 (Port 995)
200,237 Zones have deployed TLSA for SMTP (Port 25)
4,455 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
3,382 Zones have deployed TLSA for Secure SMTP (Port 465)