Detailed Monitoring Summary:

DNSSEC Summary
13,152,414 Zones
10,320,361 DNSSEC enabled zones
9,121,538 Zones use both KSKs and ZSKs
53 Zones are serving revoked keys
6,430,617 DNSSEC verified zones
9,023,187 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]10
DSA/SHA-1 [DSA]36
ECC/GOST [ECC-GOST]2
RSA/MD5 [RSAMD5]3
RSA/SHA256 [RSASHA256]13,095,795
Diffie-Hellman [DH]2
Unknown Algorithm175,987
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]7,018,599
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]75,604
RSA/SHA512 [RSASHA512]215,319
RSA/SHA-1 [RSASHA1]16,950
Private [PRIVATEOID]1
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]122,697
DANE Summary
733,691 DANE enabled zones with TLSA records
497 PKIX based Trust Anchor TLSA records (Cert Usage 0)
2,008 PKIX based End Entity TLSA records (Cert Usage 1)
11,858 DANE based Trust Anchor TLSA records (Cert Usage 2)
327,270 DANE based End Entity TLSA records (Cert Usage 3)
4,773 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
113,896 Zones have deployed TLSA for SMTP (Port 25)
208,520 Zones have deployed TLSA for HTTPS (Port 443)
2,597 Zones have deployed TLSA for Secure POP3 (Port 995)
484 Zones have deployed TLSA for Alternate SMTP (Port 2525)
2,068 Zones have deployed TLSA for POP3 (Port 110)
3,519 Zones have deployed TLSA for Secure IMAP (Port 993)
1,815 Zones have deployed TLSA for IMAP (Port 143)
3,968 Zones have deployed TLSA for Secure SMTP (Port 465)