You're not following. DNSSEC is secured by a chain of keys leading to a root; the entity that controls the root controls the chain. If you use DNSSEC to authenticate your certificate, you're giving control over your certificate to whoever runs the roots.