Have you considered the downside of an attack against such a DNS system? That is a severe drawback to handshake that limits trust in such a system. This exemplifies the argument you are trying to refute, that using a blockchain as a solution is often poor design.
The link you posted doesn't even aim for replacing DNS, by the abstract and landing page it seems to be an experimental setup to replace the root zone which has been signed for nearly 10 years now. DNSSEC is a thing.
Don't really see what's hand-wavy about your parent comment tbh, the link you posted doesn't seem to address common scenarios like 51% attacks or even why our current system is flawed. The only tangible thing I can find in there is that they don't like trusting verisign - which is fine but really a weird narrative to demonstrate why the world needs that particular implementation.
It isn't hand-wavy. However, it is problematic when people propose solutions to fundamental design issues, without knowing the threat model.
In the link that was posted, a pollution of a distributed root zone will vitiate the entire Internet's DNS. That is the vulnerability, and there are many attacks that will achieve that for the link that was posted.