Thursday, August 04, 2005

In DNS We Trust

If DNS is really the foundation of how the Internet runs, then shouldn't we focus on improving its underlying security measures?

Most federation and identity technical specs assume that name resolution was accurate (e.g., not spoofed). What if that's not true? What if DNS gets hacked?

Maybe it's time to update the DNS specifications to include a digital signature, or checksum, to ensure the integrity of the name/IP resolution. In comes DNSSEC ... the question now becomes: "when will it be deployed widely enough to be effective?"
