[dns-operations] Observed DNSKEY algorithms
Michael Sinatra
michael at brokendns.net
Mon May 21 22:41:08 UTC 2018
Viktor,
> Total RRs by algorithm only (previous format):
>
> count | alg
> ---------+-----
> 7230667 | 8
> 4121450 | 7
> 2031492 | 13
> 373612 | 5
> 103416 | 14
> 96080 | 10
> 6384 | 3
Thanks for the clarification. I agree that the "distinct" version is
probably a more useful measure of per-domain algorithm use. It *is*
interesting to note that it seems like more people have multiple zsks
for alg 14 than for alg 10, which makes the non-distinct numbers look
better for alg 14 than 10.
> Breakdown of above RR counts by flags:
>
> KSK:
>
> count | flags | proto | alg
> ---------+-------+-------+-----
> 2945071 | 257 | 3 | 8
> 1742703 | 257 | 3 | 7
> 1229468 | 257 | 3 | 13
> 264409 | 257 | 3 | 5
> 47830 | 257 | 3 | 10
> 39445 | 257 | 3 | 14
> 3161 | 257 | 3 | 3
>
> ZSK:
> count | flags | proto | alg
> ---------+-------+-------+-----
> 4285365 | 256 | 3 | 8
> 2378660 | 256 | 3 | 7
> 801797 | 256 | 3 | 13
> 109167 | 256 | 3 | 5
> 63960 | 256 | 3 | 14
> 48174 | 256 | 3 | 10
> 3223 | 256 | 3 | 3
The alg 3 numbers still surprise me. :)
michael
More information about the dns-operations
mailing list