It seems to me that a lot of the problems with DNS, particularly security problems, have the root cause of DNS being implemented over UDP; for example the responder doesn't have to be who he says he is.

I don't know the details of mDNS protocol (which I assume is much newer than DNS), maybe it takes care of these problems in its application level. Can anyone shed some light on this for me?

+3  A: 

Zeroconf is not concerned with security; security should be implemented in the layer above.

TCP wouldn't change much. These problems have to be solved cryptographically.

hatfinch
+3  A: 

The 'm' in mDNS stands for "multicast." An mDNS query is pretty much a regular DNS query multicast (aka broadcast) to the local subnet. Every host on the subnet receives all mDNS query packets and responds to the ones for their host name. Since it isn't possible to do a TCP broadcast, you couldn't implement mDNS over TCP.

There's a more fundamental point here though: mDNS is already completely insecure. As you point out, anyone can respond to any query, so you pretty much have to trust all the hosts on the network. Switching to TCP (if you could) wouldn't fix this problem.

joegester
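As an added example (not code from either answer), here is the kind of passive check a defender can run on captured mDNS responses to see the "anyone can respond" problem joegester describes: it parses the A records out of each response and flags any name that more than one host answers for. The capture, host names and addresses below are constructed placeholders; real responses would be read from the 224.0.0.251:5353 multicast group.

```python
import struct
from collections import defaultdict

def read_name(pkt, off):
    """Decode a possibly compressed DNS name at pkt[off]; return (name, offset after it)."""
    labels, end = [], None
    while True:
        n = pkt[off]
        if n & 0xC0 == 0xC0:  # two-byte compression pointer: follow it, remember where we were
            end = off + 2 if end is None else end
            off = struct.unpack("!H", pkt[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if n == 0:
            break
        labels.append(pkt[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels), (off if end is None else end)

def parse_a_answers(pkt):
    """Return [(name, ipv4)] for every A record in the answer section of an mDNS response."""
    ancount = struct.unpack("!H", pkt[6:8])[0]  # mDNS responses carry no questions (RFC 6762 s6)
    off, answers = 12, []
    for _ in range(ancount):
        name, off = read_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            answers.append((name, ".".join(str(b) for b in pkt[off:off + 4])))
        off += rdlen
    return answers

def find_conflicts(responses):
    """responses: iterable of (sender_ip, packet). Return names answered by more than one source."""
    seen = defaultdict(set)
    for sender, pkt in responses:
        for name, ip in parse_a_answers(pkt):
            seen[name].add((sender, ip))
    return {name: srcs for name, srcs in seen.items() if len(srcs) > 1}

def build_a_response(name, ip):
    """Constructed sample: minimal mDNS response (QR|AA flags, one A record, cache-flush class)."""
    header = struct.pack("!HHHHHH", 0, 0x8400, 0, 1, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HHIH", 1, 0x8001, 120, 4) + bytes(int(o) for o in ip.split("."))

SAMPLE_CAPTURE = [(src, build_a_response(name, src)) for src, name in  # constructed capture
                  [("192.168.1.10", "printer.local"), ("192.168.1.77", "printer.local"),
                   ("192.168.1.20", "laptop.local")]]  # .10 and .77 both claim printer.local
```

Running `find_conflicts(SAMPLE_CAPTURE)` reports printer.local with both answering hosts; a real deployment would feed it packets sniffed from the multicast group and alert on new conflicts.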