> The same reasons not to deploy DNSSEC that face large organizations apply to you: any mistake managing your DNSSEC configuration will take your domain off the Internet (in fact, you'll probably have a harder time recovering than large orgs, who can get Google and Cloudflare on the phone).
There are several mistakes one can make to knock oneself off the Internet that have nothing to do with DNSSEC. These are not the bad old days; compared to 10 years ago, DNSSEC is a lot easier to administer.
If I accidentally yank the power cable out of my load balancer, I can plug it back in and I'm back up and running.
If I cock up my DNSSEC config, nobody can resolve any records under my org's domain (goodbye internal email!) and you've got to twiddle your thumbs for a period of time waiting for various timeouts to pass (go ask Slack how it went for them).
There are several mistakes one can make to knock oneself off the Internet that have nothing to do with DNSSEC. These are not the bad old days; compared to 10 years ago, DNSSEC is a lot easier to administer.