
As someone not very knowledgeable about DNSSEC, can you expand on this point? To the uninformed that sounds very counterintuitive.




Apart from the blog post, if you don't know anything about DNSSEC, I think the things you want to know are:

1. Almost nobody --- major tech companies, banks, privacy and security organizations --- uses it. It's decades old, and its adoption, at least in North America and in industry, is zero. There are lots of reasons, but you don't have to care right now.

2. Since almost nothing uses it, there's no real upside to enabling it. But there is a downside! If DNSSEC is misconfigured --- which is easy to do, and it won't get noticed quickly (see: point 1) --- then sites in the DNSSEC-signed zone silently drop off the Internet, as if they never existed. That happened, for instance, to HBO when they launched HBO NOW: nobody on Comcast could see it, because it turned out they'd screwed up DNSSEC, and Comcast had DNSSEC-verifying resolvers.
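The failure mode in point 2 has a recognisable signature that an operator can monitor for: a validating resolver answers SERVFAIL for the name, while the same resolver answers NOERROR when the query sets the CD (Checking Disabled) bit, i.e. the data exists but its DNSSEC chain does not verify. The script below is an added example, not code from the commenter or from any project; it parses `dig` text output and classifies the pair of answers. The live `query()` helper shells out to `dig` and assumes it is installed and that the resolver address (8.8.8.8, a validating public resolver) is reachable; the sample outputs are constructed to mirror what `dig` prints for a broken signed zone and for a correctly validated one.

```python
"""Detect a DNSSEC-signed zone that validating resolvers reject.

Signature of a broken zone: SERVFAIL from a validating resolver, NOERROR
from the same resolver with +cd (Checking Disabled). A healthy signed zone
returns NOERROR with the 'ad' (Authenticated Data) flag set.
"""
import re
import subprocess

# dig header line, e.g. ";; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4242"
RCODE_RE = re.compile(r";; ->>HEADER<<- opcode: \w+, status: (\w+)")
# dig flags line, e.g. ";; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, ..."
FLAGS_RE = re.compile(r";; flags: ([a-z ]*);")


def parse_dig(output: str):
    """Return (rcode, set_of_flags) from dig's text output; rcode is None if absent."""
    m = RCODE_RE.search(output)
    rcode = m.group(1) if m else None
    f = FLAGS_RE.search(output)
    flags = set(f.group(1).split()) if f else set()
    return rcode, flags


def classify(validating_output: str, cd_output: str) -> str:
    """Classify a name from two dig runs: one normal, one with +cd."""
    v_rcode, v_flags = parse_dig(validating_output)
    cd_rcode, _ = parse_dig(cd_output)
    if v_rcode == "SERVFAIL" and cd_rcode == "NOERROR":
        # Data is there, but validation fails: exactly the HBO/Comcast situation.
        return "BROKEN_DNSSEC"
    if v_rcode == "NOERROR" and "ad" in v_flags:
        return "VALIDATED"            # signed zone, chain verified by the resolver
    if v_rcode == "NOERROR":
        return "UNSIGNED_OR_UNVALIDATED"  # answer came back without the ad flag
    if v_rcode is not None and v_rcode == cd_rcode:
        return "OTHER_" + v_rcode     # e.g. NXDOMAIN both ways: not a DNSSEC problem
    return "UNKNOWN"


def query(name: str, resolver: str = "8.8.8.8", cd: bool = False) -> str:
    """Run dig (assumed installed) against a validating resolver; +cd disables validation."""
    args = ["dig", "@" + resolver, name, "A", "+dnssec"] + (["+cd"] if cd else [])
    return subprocess.run(args, capture_output=True, text=True, timeout=10).stdout


def check_zone(name: str, resolver: str = "8.8.8.8") -> str:
    """Live check: compare a validating query with a +cd query for the same name."""
    return classify(query(name, resolver), query(name, resolver, cd=True))


# Constructed sample outputs (trimmed to the lines the parser uses).
SAMPLE_SERVFAIL = """;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
"""
SAMPLE_CD_OK = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr rd ra cd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
"""
SAMPLE_VALIDATED = """;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4244
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
"""

if __name__ == "__main__":
    print("broken zone sample:", classify(SAMPLE_SERVFAIL, SAMPLE_CD_OK))
    print("healthy zone sample:", classify(SAMPLE_VALIDATED, SAMPLE_VALIDATED))
    # Live use, assuming dig and network access: print(check_zone("example.com"))
```

Running `check_zone()` from a cron job against every signed zone you publish, and paging on `BROKEN_DNSSEC`, closes the gap the comment describes: the outage is invisible to anyone using a non-validating resolver, so without a validating vantage point it is not noticed until customers behind Comcast-style resolvers complain.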

