"With SSL when you make a request to google.com you can verify the answer is actually from google.com."

That's exactly what SSL is supposed to do, and tptacek is saying DNSSEC has the same problems as any PKI, including SSL.

And more importantly, using DNSSEC without SSL, even if you know you have the right IP address you don't you're not being MITM'd.