The author of this is missing the point of DNSSEC.
They seem to be confusing DNSSEC and functionality that is possible with DNSSEC (DANE/TLSA). Not only that, they don't seem to fully understand DANE (there are modes that complement the traditional CA model, not replace it).
DNSSEC is just another tool. It isn't a panacea.
I definitely urge readers to objectively research the technical aspects of DNSSEC and draw conclusions for themselves.
