Detailed Monitoring Summary:

DNSSEC Summary
14,335,050 Zones
11,977,296 DNSSEC enabled zones
10,469,777 Zones use both KSKs and ZSKs
137 Zones are serving revoked keys
7,860,200 DNSSEC verified zones
9,926,456 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
RSA/SHA512 [RSASHA512]323,995
ECC/GOST [ECC-GOST]12
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]175,545
RSA/SHA256 [RSASHA256]16,156,909
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]7,198,745
Unknown Algorithm942
RSA/SHA-1 [RSASHA1]85,600
DSA/SHA-1 [DSA]60
RSA/MD5 [RSAMD5]6
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]19
Private [PRIVATEOID]5
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]127,672
DANE Summary
661,760 DANE enabled zones with TLSA records
478 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,898 PKIX based End Entity TLSA records (Cert Usage 1)
9,219 DANE based Trust Anchor TLSA records (Cert Usage 2)
371,704 DANE based End Entity TLSA records (Cert Usage 3)
3,955 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
374 Zones have deployed TLSA for Alternate SMTP (Port 2525)
1,298 Zones have deployed TLSA for POP3 (Port 110)
3,036 Zones have deployed TLSA for Secure SMTP (Port 465)
1,808 Zones have deployed TLSA for IMAP (Port 143)
208,978 Zones have deployed TLSA for HTTPS (Port 443)
159,128 Zones have deployed TLSA for SMTP (Port 25)
2,783 Zones have deployed TLSA for Secure IMAP (Port 993)
1,942 Zones have deployed TLSA for Secure POP3 (Port 995)