The document discusses Let's Encrypt, an automated certificate authority that aims to simplify and encourage adoption of TLS encryption. It provides free SSL/TLS certificates that software can automatically obtain and renew. The document also discusses using DNSSEC and DANE to cryptographically bind certificates to domain names to improve security over traditional certificate authorities that can issue certificates for any domain. It describes an experiment conducted by the Internet Society and Go6Lab to test DANE validation of email connections that found low adoption of DNSSEC and DANE currently limits their effectiveness for validating TLS certificates.