All of those, and more, are solved at other levels of the protocol stack (TLS, SSH, etc). No need to get DNS involved. Or benefit from doing so.
If you haven't protected the actual data stream, you need to do so regardless since there are many ways to direct it into the arms of an attacker apart from the few venues DNSSEC protects against. And once you have done so, you no longer need DNSSEC with its downsides.