Detailed Monitoring Summary:

DNSSEC Summary
14,236,622 Zones
11,124,262 DNSSEC enabled zones
9,772,958 Zones use both KSKs and ZSKs
60 Zones are serving revoked keys
6,528,695 DNSSEC verified zones
9,595,842 Production DNSSEC-enabled zones
Distribution of key algorithms in use:
Algorithm # Keys
Unknown Algorithm505,974
DSA/SHA-1 [DSA]23
RSA/SHA512 [RSASHA512]218,840
ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256]8,070,181
Private [PRIVATEOID]1
RSA/SHA256 [RSASHA256]13,306,368
Diffie-Hellman [DH]7
ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384]127,888
Reserved 01
RSA/SHA-1 [RSASHA1]16,969
RSA/MD5 [RSAMD5]1
DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1]5
RSA-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1]70,104
DANE Summary
673,426 DANE enabled zones with TLSA records
748 PKIX based Trust Anchor TLSA records (Cert Usage 0)
1,612 PKIX based End Entity TLSA records (Cert Usage 1)
9,834 DANE based Trust Anchor TLSA records (Cert Usage 2)
254,353 DANE based End Entity TLSA records (Cert Usage 3)
2,163 Zones have deployed TLSA for Secure POP3 (Port 995)
327 Zones have deployed TLSA for Alternate SMTP (Port 2525)
3,216 Zones have deployed TLSA for Secure SMTP (Port 465)
153,819 Zones have deployed TLSA for HTTPS (Port 443)
1,307 Zones have deployed TLSA for IMAP (Port 143)
3,859 Zones have deployed TLSA for SMTP with STARTTLS (Port 587)
97,358 Zones have deployed TLSA for SMTP (Port 25)
1,679 Zones have deployed TLSA for POP3 (Port 110)
2,824 Zones have deployed TLSA for Secure IMAP (Port 993)