@Hugh McIntyre

Not sure I follow your logic here. Signing DNS and SSL certificates are two completely different things, and serve completely different purposes.

DNSSEC confirms that the IP address returned when you make a DNS request is the correct one.

SSL confirms that the website you reach is the real one, eg the https:\\secure.foo.com you see really does belong to Foo Corporation, and not Mr B H Hacker who's setup the site on his server and tricked your computer to go to him instead of the real one. It provides authenticity by ensuring that if you want to purchase an SSL certificate for Foo Ltd, you can prove that you really are Foo Ltd (there's quite a few checks done, especially if you're a Ltd or PLC company, hense their justification for the high prices). And finally, and perhaps most importantly, it allows you and the server your connecting to to establish a secure tunnel down which all the communications are sent, thus protecting you from anyone sniffing your connection.

What SSL doesn't do is care about what IP address the site is on. As long as you have the certificate information you can install it on any server at any address. So the two don't cross over at all, to my mind they compliment each other, improving the overall security for viewing normal websites, and improving yet futher the security of secure websites.