That's great, but if you really wanted to clear up any doubt about your credibility, could you provide an estimate for how much it would cost an adversary to crack a 1024 bit RSA key within 90 days? You seem to suggest that's a significant threat that has to be addressed before anyone uses DNSSEC.
There isn't any doubt about tptacek's credibility.
He points out how dnssec puts control in the hands of whatever government controls the domain, and your counter argument is about the strength of keys used to do so.
It makes your argument seem less like an argument on the merits of the issue and whether or not tptacek is a credible voice in the matter. Further, to call his arguments FUD takes you further down a path that is not increasing your own credibility.
Basically, whereas any CA (controlled by any government) can issue a certificate for any domain, with DNSSEC you at least get to pick which government you trust to secure your domain (or run your own generic TLD and not trust any government).
My counter argument about the strength of the keys was because he was the first to mention "1024 bit RSA". Did you miss that?
Finally, I used the term "FUD" to borrow the language from that EasyDNS article, the second sentence of which is: "Sadly, there is a lot of FUD out there and we wanted to both debunk that FUD and explain why DNSSEC is vital to the security of the internet." Hopefully people are reading both sides of the story here.
