In which we provide sufficient thrust for a pig to fly

Some of the core problems of DNS include: cache poisoning, spoofed servers, answers tampered with in transit, and the inadequacy of UDP (for DNS).

Secure DNS does not address software problems such as buffer overflows, or some attack vectors (Denial of Service, for example), but it does provide for authentication of data (intact transmission) from a guaranteed name server and for non-repudiation (who signed what data), and it requires a chain of trust to the root. It anticipates the use of the DNS extensions proposed in EDNS0 in order to address reply packet sizes (>512 bytes). How about storing ssh-key fingerprints in DNS? This could be a poor-man's key-management system. Combining the functionality of DNSSEC with GPG, PGP, and SSH keys stored in DNS might solve the burgeoning problems of key management.
... but only the Swedish registrar offers a signed top-level registry. And, by some estimates, 95% of the .com zones probably do not want to be signed -- they are ephemeral or fly-by-night, and have no practical use for information authentication.
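
The ssh-key-fingerprints-in-DNS idea above, sketched as an added example (not code from the original post): it builds SSHFP records, the record type RFC 4255 defines for this purpose, from an OpenSSH public-key line and checks a key offered by a server against them. The function names, host.example.com and the sample key are constructed for illustration; a match means something only when the SSHFP answer itself was DNSSEC-validated.

```python
import base64
import hashlib
import struct

# SSHFP key-algorithm numbers per SSH key type (RFC 4255, 6594, 7479) and fingerprint types.
KEY_ALGS = {"ssh-rsa": 1, "ssh-dss": 2, "ecdsa-sha2-nistp256": 3, "ssh-ed25519": 4}
FP_HASHES = {1: hashlib.sha1, 2: hashlib.sha256}


def parse_pubkey(line):
    """Return (key_type, blob) from one OpenSSH public-key line."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    # The blob starts with a length-prefixed copy of the key type; a mismatch
    # means the line was edited or truncated.
    n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else 0
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    if key_type not in KEY_ALGS:
        raise ValueError("no SSHFP algorithm number for " + key_type)
    return key_type, blob


def sshfp_records(owner, pubkey_line):
    """Build SSHFP resource records (zone-file text) for a host key."""
    key_type, blob = parse_pubkey(pubkey_line)
    return ["%s IN SSHFP %d %d %s" % (owner, KEY_ALGS[key_type], fp, h(blob).hexdigest())
            for fp, h in sorted(FP_HASHES.items())]


def key_matches(records, offered_line):
    """True if the key a server offers matches any published SSHFP record."""
    key_type, blob = parse_pubkey(offered_line)
    for rr in records:
        alg, fp, digest = rr.split()[-3:]
        h = FP_HASHES.get(int(fp))
        if h and int(alg) == KEY_ALGS[key_type] and h(blob).hexdigest() == digest.lower():
            return True
    return False


def make_line(key_type, body):  # constructed sample key, not a real host key
    blob = struct.pack(">I", len(key_type)) + key_type.encode() + body
    return key_type + " " + base64.b64encode(blob).decode() + " sample"

HOST_KEY = make_line("ssh-ed25519", struct.pack(">I", 32) + bytes(range(32)))
RECORDS = sshfp_records("host.example.com.", HOST_KEY)
```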

With sufficient thrust, a pig will fly. This phrase originates with Lewis Carroll or in Scotland, or both. It also appears in RFC 1925.

Generate keys:
Zone-signing key, key-signing key
RSA and SHA-1 1024-bit keys
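dnssec-keygen -a RSASHA1 -b 1024 -n ZONE example.com          # zone-signing key (example.com is a placeholder zone name); -n HOST and USER are deprecated
dnssec-keygen -a RSASHA1 -b 1024 -n ZONE -f KSK example.com   # key-signing key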

salim filed this under osx at 07h23 Wednesday, 17 May 2006