From 0f7c92ff4b921e6428808128de4e050945320852 Mon Sep 17 00:00:00 2001
From: Suzanne Goldlust <sgoldlust@isc.org>
Date: Wed, 29 Nov 2023 22:44:17 +0000
Subject: [PATCH] Fix broken link to TLD DNSSEC stats

(cherry picked from commit 15eea792b9289c38dd9efd4bd5919e55a6ad0e08)
---
 doc/dnssec-guide/validation.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/dnssec-guide/validation.rst b/doc/dnssec-guide/validation.rst
index 98696bbddb..07ab349377 100644
--- a/doc/dnssec-guide/validation.rst
+++ b/doc/dnssec-guide/validation.rst
@@ -717,7 +717,7 @@ process. Thereafter, BIND uses the managed keys database
 
 Explicit management of keys was common in the early days of DNSSEC, when
 neither the root zone nor many top-level domains were signed. Since
-then, `over 90% <https://stats.research.icann.org/dns/tld_report/>`__ of
+then, `over 90% <https://ithi.research.icann.org/graph-m7.html>`__ of
 the top-level domains have been signed, including all the largest ones.
 Unless you have a particular need to manage keys yourself, it is best to
 use the BIND defaults and let the software manage the root key.