Would this be the case even for subdomains like functions.netlify.domain.com, where domain.com is on Cloudflare and has DNSSEC enabled? My knowledge of DNSSEC is rather poor, so, I am not sure whether DNSSEC is something that concerns all the domains, or just the root.