Could I suggest that the RootSecurityController be opt-in?
I’ve been actively engaging with various ICANN working groups, and one thing that they were particularly curious about was how verification of TLD ownership happens, and how it is secured.
Once control of a TLD is taken by its operator, there was a general acceptance that ultimately responsibility lies with them. Whilst I think fallbacks are prudent, I don’t think we should push a specific fallback. Many are never going to buy-in to rescinding control of their security fallback to 8 independent individuals.
Alternatively, it would be cool if when a TLD is allocated to the operator e.g. [Draft][Executable] Assign Ownership of the `.kred` TLD to Verified Multisig Controller the executable optionally calls a setter on RootSecurityController that sets the address of the fallback (be that an EOA 
, or a contract).
Something like:
address fallback = fallbackOverride[label];
if (fallback == address(0)) {
fallback = address(this);
}
root.setSubnodeOwner(label, fallback);