[dns-operations] Observed DNSKEY algorithms
Michael Sinatra
michael at brokendns.net
Mon May 21 21:33:37 UTC 2018
On 05/20/18 14:21, Viktor Dukhovni wrote:
> Again for 1000 or more domains. We see a strong 3rd
> place showing by P-256 (alg 13) not far behind 8, 7.
> Algorithms 10 and 14 are not getting much traction.
>
> KSK:
>
> count | flags | proto | alg
> ---------+-------+-------+-----
> 2925222 | 257 | 3 | 8
> 1731791 | 257 | 3 | 7
> 1220609 | 257 | 3 | 13
> 262431 | 257 | 3 | 5
> 46464 | 257 | 3 | 10
> 38841 | 257 | 3 | 14
> 3141 | 257 | 3 | 3
>
> ZSK:
>
> count | flags | proto | alg
> ---------+-------+-------+-----
> 2883918 | 256 | 3 | 8
> 1726579 | 256 | 3 | 7
> 645294 | 256 | 3 | 13
> 104522 | 256 | 3 | 5
> 46337 | 256 | 3 | 10
> 38111 | 256 | 3 | 14
> 3141 | 256 | 3 | 3
>
Viktor, I am trying to make sense of the difference between the above
numbers and the ones you included in this post:
https://lists.dns-oarc.net/pipermail/dns-operations/2018-March/017406.html
Obviously there is a difference because the numbers are significantly
lower overall in the current post than in the one from March (other,
strangely, than the alg 3 numbers, which actually increased?!). The
other interesting difference is that alg 14 had overtaken alg 10 in
March, but has fallen behind now.
Does the current survey look unique algorithms per domain-key-type, and
the previous one look at total keys or is there some other difference in
method?
thanks!
michael
More information about the dns-operations
mailing list