Yes, it's hard, but...
It's a chicken and egg problem.
Setting up TCP/IP stack used to be hard...
Setting up Linux with Apache and MySql used to be hard...
Setting up SSL/TLS on your website used to be hard...
Setting up DNSSEC is hard NOW, but as it matures, knowledge and tooling will improve and it will not be hard anymore and we will reap the benefits.
Just about everything in the world depends on DNS and it should be secure.