Wait, what? No they can't. The whole point of SSL/TLS is that you don't trust the DNS.
The only way an attacker can redirect DNS for Paypal and have a valid-looking CA for Paypal is if they compromise a CA root certificate. That's the point of SSL/TLS.
Before you suggest "but we can't trust the CAs", note two things: (1) if you don't trust the CA, SSL/TLS isn't doing anything for you anyways, and (2) DNSSEC also has a hierarchical PKI in which you are required to trust commercial enterprises --- or governments, explicitly.
SSH has more robust security than SSL seems to if only because once you've established a connection with a remote host, whereupon their public key is displayed and validated, it can be saved as "trusted".
The same principle doesn't seem to apply for SSL in browsers where, so long as it's signed by a "trusted" authority, there's no question the certificate is valid.
The only way an attacker can redirect DNS for Paypal and have a valid-looking CA for Paypal is if they compromise a CA root certificate. That's the point of SSL/TLS.
Before you suggest "but we can't trust the CAs", note two things: (1) if you don't trust the CA, SSL/TLS isn't doing anything for you anyways, and (2) DNSSEC also has a hierarchical PKI in which you are required to trust commercial enterprises --- or governments, explicitly.