It's not quite that simple: I think DJB is proposing that we solve a different problem than DNSSEC tries to solve.
Compare DNS security to HTTP security. SSL/TLS secures HTTP connections, but not their underlying content. DNSSEC is like trying to encrypt and sign every web page, instead of the secure connections. Which is why it's unlikely to ever happen.
DNSCurve is a design that uses modern high-speed ECC crypto to do packet-transaction-speed security. It looks like its to DNS what TLS is to the web.
That said, since DNSSEC is a crazy idea (obligatory self-link: http://www.matasano.com/log/case-against-dnssec/) and because DJB got a lot of (well deserved) attention after this summer's DNS debacle, this could get some serious attention.
I'd argue that slides are more on DNSSEC weaknesses than on DNSCurve [1] strengths. Actually he only mentions advantages of his solution as opposed to giving quite detailed criticism of DNSSEC.
However, great presentation and I highly recommend it to all network/security geeks.
This proposes to encode an encryption key into the NS delegation for a zone, and backing it up with an encryption scheme touted to be fast enough to handle high loads.
The idea of encoding a key into the NS name sounds like something djb would dream up, seeing the names as useless anyway (you'd get that impression after using his software and reading his notes on dns). The part that pushes the solution over the top is providing a fast enough encryption algorithm to work for dns servers.
Compare DNS security to HTTP security. SSL/TLS secures HTTP connections, but not their underlying content. DNSSEC is like trying to encrypt and sign every web page, instead of the secure connections. Which is why it's unlikely to ever happen.
DNSCurve is a design that uses modern high-speed ECC crypto to do packet-transaction-speed security. It looks like its to DNS what TLS is to the web.
That said, since DNSSEC is a crazy idea (obligatory self-link: http://www.matasano.com/log/case-against-dnssec/) and because DJB got a lot of (well deserved) attention after this summer's DNS debacle, this could get some serious attention.