by jrockway 4790 days ago
It's more scary if they've compromised an SSL CA. A simple DNS attack won't stop your browser from displaying a broken certificate warning. (Though they can always not redirect from http to https and most users won't notice, sadly.)
2 comments

It's very easy to get your own https cert once you control the DNS for a domain. You just set up your own nameserver that proxies requests to the original NS (except very specific ones, say those from Verisign), request your "domain control validation" https cert, and bam! Valid https cert!
A 'simple' DNS attack would get them access to the mail servers too.

There are plenty of CAs out there who will give out a (non-EV) cert to anyone who can receive emails to webmaster@example.com.