Huh? Wikipedia.org is a delegation, an unsigned one at that. That means the only information that .org can sign is either: 1) Information regarding the next key to be used to sign wikipedia.org records, along with the next name server to talk to. 2) Proof there is no next key, and...
Solution: Make new key, sign a message with some trusted PGP keys, send it to the root servers and major DNS providers. The hostmasters can disable signature checking and/or disable updates in the meantime. Result: Even without signatures, today’s unsigned DNS system is relatively protected ...