I apologize for missing the deadline for this early review.

I'm saying the draft is not yet ready primarily because it's early, and there is a "TBD" in "5.3 Security Goals for Authentication". That said, I'm not sure there's much to add here beyond the communicating parties being mutually authenticated.

The security considerations section addresses authentication by stating, "the Authentication and Authorization of Clients and Servers is thus delegated to the respective Organizations." I would add that the selected encryption scheme (HPKE incorporating KEM, KDF, and AEAD) should cover this requirement. 

I'll also mention that authentication is mentioned in 5.3 but seemingly ignored in the list of things PDMv3 DOH needs to consider (see the middle of page 12).

Otherwise, the security considerations section covers the relevant threat scenarios reasonably well, and the document seems to provide a methodology to provide delegated trust, as claimed.