We perform regular scans of >200M domains for CAA support and show their CAA adoption above.
Anomalies: The peak in "TUM-DETAIL with CAA or CNAME2CAA" in early November stems from a hoster enabling CAA on its base domain, to which about 15k customer domains point.
The jump in early February also stems from 2 hosters enabling CAA on its base domain, with 60k and 57k base domains pointing to it via CNAME.
Starting February 9, 2018, we are also removing domain names of the pattern google[a-f0-9]{16}.sld.publicsuffix from our scan.
These are used to assert domain DNS control by google by placing such as CNAME that points to google.com (see here).
As google.com deploys CAA, these base domains were counted as deploying CAA, which they are effectively not.
The fluctuations in October 2018 stem from on/off rate-limiting issues at nazwa.pl, which hosts about 200k CAA-enabled base domains.
These figures show the use of CAA tags by base domains.
# of domains that return inconsistent CAA configurations across their authoritative name servers. The peak in October 2017 is discussed in our paper. The peak in October 2018 stems from a surge of domains at e-i.net and 36dns.net having inconsistent existence of issue/issuewild across nameservers.
caa [AT] list.net.in.tum.de