On the other hand, to me DNSSEC at the root seems to be a simple problem of load-balancing an embarrassingly parallel problem. Which really should not be that big of a problem to implement; just throw more servers at it behind the load balancers.
I have approximately zero insider knowledge as to what exactly is holding up the deployment of DNSSEC in the DNS root. But I have seen zero good explanations as to why it would not have been implemented long ago if it had any sort of priority. And DNSSEC should have very high priority, if nothing else then because of DNS poisoning.