Detailed Monitoring Summary:

DNSSEC Summary
14,329,961 Zones
11,205,887 DNSSEC enabled zones
9,843,861 Zones use both KSKs and ZSKs
62 Zones are serving revoked keys
6,573,021 DNSSEC verified zones
9,706,330 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]128,915
RSA/SHA256 [RSASHA256]13,386,368
Diffie-Hellman [DH]7
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]69,928
RSA/MD5 [RSAMD5]1
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,275,351
Private [PRIVATEOID]1
Reserved 01
DSA/SHA-1 [DSA]23
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]5
Unknown Algorithm524,911
RSA/SHA-1 [RSASHA1]17,171
RSA/SHA512 [RSASHA512]218,532
DANE Summary
673,199 DANE enabled zones with TLSA records
750 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,627 PKIX based End Entity TLSA records (Cert Usage 1)
9,993 DANE based Trust Anchor TLSA records (Cert Usage 2)
255,468 DANE based End Entity TLSA records (Cert Usage 3)
1,336 Zones have deployed TLSA for IMAP (Port 143)
97,782 Zones have deployed TLSA for SMTP (Port 25)
154,358 Zones have deployed TLSA for HTTPS (Port 443)
1,715 Zones have deployed TLSA for POP3 (Port 110)
3,277 Zones have deployed TLSA for Secure SMTP (Port 465)
327 Zones have deployed TLSA for Alternate SMTP (Port 2525)
3,947 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
2,888 Zones have deployed TLSA for Secure IMAP (Port 993)
2,213 Zones have deployed TLSA for Secure POP3 (Port 995)