Given the amount of crap traffic the root servers get I can see why they’d be hesitant to just turn on DNSSEC. “Let’s see you all stop sending us stupid shit queries first” sounds entirely reasonable.
Although this is a big "just" because of the amount of fanfare and (literal) ceremony, DNSSEC support on the server side is just about signing zones and being willing to serve the associated RR types.
