S/MIME relies on centralized key servers [which are] extremely desirable points of attack.
As are the individual members of the "strong set" in PGP's web of trust, which as I understand it is made of people who can afford to travel to key-signing parties in foreign countries.
there's no equivalent to PGP's web of trust
I've had two problems with the concept of PGP's web of trust. One is that just because you can vouch for someone's identity doesn't necessarily mean you can vouch for that person's ability to vouch for others' identities. Another is that if you yourself don't travel to foreign key-signing parties, good luck finding multiple independent paths through the trust graph between you and someone with whom you are corresponding. All this trust has to flow through this "strong set".