In which layer should the validations be done mainly in the context of DDD?

This question might be asked a thousand of times but a lot of confusions and contradictions in the answers.

I ask about the validations in the context of domain driven design.

1. In which layer should the validations be done mainly ?
2. Is it acceptable for the object to be in invalid state? because many answers said that it's okay and mainly because of historical data and the business rules may change over time and loading historical data might cause problems?
3. Many implementations consider throwing exceptions in the domain layer and mapping the messages to the UI although Martin Fowler recommends to Replacing Throwing Exceptions with Notification in Validations! When to return messages and when to throw exceptions in the validation context ?

4. Many articles explain some tips or paths to follow like Vladimir Khorikov and jbogard in their articles but in the comments they confess that they do things a wee differently now. Are these patterns still valid?

5. Should I use framework like FluentValidation and if I use it, Is this frame work used only in the application layer as an alternative to the MVC annotations ?

6. When Should I use Business Rule Framework (BRF) instead?

---

I know many questions here but they are targets the same spot(Validation in DDD).

Note: I don't use CQRS pattern because it made the application so complex. So I have (domain layer,data layer, application layer(MVC), and shared kernel)