In the DNSSEC context DSA is a (specific) digital signature algorithm.
Actually using a DNSSEC protected zone is not difficult, but many resolvers do not know how to check signatures. AFAIK a signature aware resolver will check signatures without you configuring anything.
I believe bind 9 is likely to check signatures and glibc probably does not. If DNSSEC becomes popular this will probably change in due course.