As the article mentions, RFC 5011 describes a technology designed specifically to address key rollover. This is indeed designed to automate administration of DNSSEC-aware resolvers. Implementations are done, and I expect widespread adoption over the next few years.
Beyond that, keep in mind that any security feature by necessity increases the fragility and decreases the usability of the system. This is something to be aware of, but not something to be afraid of. This LWN summary comes very close to spreading FUD about DNSSEC. This is a pity, because DNS has long been an insecure link in the Internet, and DNSSEC not only allows that weakness to be resolved, but also enables new functionality built on a more secure DNS foundation.