Hybrid signature spectrums
draft-ietf-pquip-hybrid-signature-spectrums-07
Note: This ballot was opened for revision 06 and is now closed.
Paul Wouters
Yes
Deb Cooley
(was Discuss)
No Objection
Comment
(2025-06-29)
Sent
Edited: Thank you for addressing my discuss! Thank you to Yaron Sheffer for their secdir reviews. I do think the authors should consider his points, as there is valuable feedback in that review. I also believe the other two reviews have valuable feedback as well. I will refrain from duplicating their comments here. Please define, or provide a reference for EUF-CMA and SUF-CMA. At a minimum, spell out the acronyms.
Erik Kline
No Objection
Comment
(2025-05-10 for -06)
Not sent
# Internet AD comments for draft-ietf-pquip-hybrid-signature-spectrums-06
CC @ekline
* comment syntax:
  - https://github.com/mnot/ietf-comments/blob/main/format.md
* "Handling Ballot Positions":
  - https://ietf.org/about/groups/iesg/statements/handling-ballot-positions/
## Nits
### S1
* "are one reason for to consider" -> "are one reason to consider"
Jim Guichard
No Objection
Mohamed Boucadair
(was Discuss)
No Objection
Comment
(2025-05-16 for -06)
Sent
Hi Nina, Britta, Deirdre, and Flo,
Thank you for the effort put into this document. I enjoyed reading it.
Thanks to Adrian for the detailed OPSDIR review. I noted that the authors replied to my recent nudge about the review. I was actually waiting for the authors' follow-up before making my own review but ...
== Updated based on a clarification from Paul.
# Manageability
“I think I would have liked to see some commentary on the configurability
of algorithms and keys because the increased variability of component
algorithms in hybrid systems seems to imply a more dynamic configuration
of security. And (presumably) we reach a point where the chief
vulnerability is not the algorithm but the configuration. Similarly,
management mechanisms used to inspect the operation of secure systems
provide both a valuable tool to the user/operator and a significant way
for an attacker to find out how the system is behaving.
I can't say I'm an expert in any of this, but it was a surprise to find
no mention of manageability or configuration in the document.”
Not sure if some words are needed to clarify why this is not a concern.
I won’t reiterate here the comments raised by Adrian, but please consider these.
# Please find below some minor comments:
## Internet Documents
CURRENT:
We follow existing Internet documents on hybrid terminology
Not sure what an “Internet document” is. I guess you are simply referring to other I-Ds. You may simply say “This document makes use of the terms defined in XX, XX, and XX.” Or “This document adheres to the terminology defined in XX, XX, XX”.
## “We” constructs
The document, although informational, will reflect an IETF consensus. Please use “This document XX” rather than “We XXX”.
## Simplify how terms are presented
Some of the terminology entries use “xx defines a TERM to be ..”. I would delete and simplify all these statements by simply having a term and its definition without such mention.
OLD:
Term: we define “term” as DEFINITION
NEW:
Term: DEFINITION
## “Next-generation ..” will be stale fast
I would avoid such use and go for “new” or other similar terms.
## Expand use acronyms: many are provided without expanding them.
Cheers,
Med
Roman Danyliw
(was Discuss)
No Objection
Comment
(2025-08-18)
Sent
Thank you for the revised -07 to address my feedback.