Ready with nits

1. There appears to be a tone contradiction between sections 1 and 2.1 about symmetric crypto and Grover’s algorithm. Section 1 states that the risk of CRQCs to symmetric crypto can be mitigated by doubling the key or digest length. Then section 2.1 calls this a “common misconception”.  This is more of a tone/language comment and not a technical comment. Maybe change the Introduction text to say the risk may not apply everywhere, but where it does, doubling the key length or digest mitigates it. 

2. Sec 10.5, the RFC that specifies how signatures are generated for RRSIG DNS records is RFC 4034, though since it is an informative reference, it doesn’t really matter.