> On Dec 9, 2017, at 5:50 AM, Erwin Lansing <erwin at lansing.dk> wrote:
>
>> Anyone from gratisdns.dk care to get in touch?
>
> I forwarded your message.
Thanks again. I don't think much action has followed. I see 512-bit
RSA DNSKEYs from:
#domains primary nameserver
-------- ------------------
7535 ns1.gratisdns.dk
and a somewhat smaller, but still significant counts at:
#domains primary nameserver
-------- ------------------
3375 ns1.mijnhostingpartner.nl
537 ns1.zeptor.nl
501 ns1.dnsimple.com
93 dns1.easydns.com
61 ns.iinfo.cz
It would good to get all 512-bit DNSKEYs upgraded.
===================
Overall RSA key length statistics are:
KSK count| bits
---------+------
3073362 | 2048
1098140 | 1024
181098 | 1536
39830 | 4096
12687 | 512
1531 | 1280
1150 | 3168
426 | 2560
170 | 1304
50 | 3072
35 | 1152
23 | 2304
20 | 2088
17 | 1552
ZSK count| bits
---------+------
5954756 | 1024
189172 | 1280
59846 | 2048
13756 | 512
8535 | 4096
1156 | 3168
447 | 1536
290 | 1032
110 | 2304
70 | 1048
62 | 1152
43 | 1304
29 | 768
20 | 2088
17 | 1352
15 | 2432
14 | 2024
10 | 2064
--
Viktor.
--
Viktor.