The Internet Public Key Infrastructure (PKIX) is broken, but several solutions exist to fix some of the issues around transport encryption with TLS and x509 certificates.
In this webinar a deeper look is taken at two solutions: RFC 7672 “SMTP with DANE” and draft-ietf-uta-mta-sts “SMTP MTA Strict Transport Security (MTA-STS)”.
What problems are solved with these solutions? What is needed to implement MTA-STS and SMTP-DANE?
Is one solution preferable over the other, or should you deploy both?