diff --git a/chapter-qkd/chapter.pdf b/chapter-qkd/chapter.pdf new file mode 100644 index 0000000..a257244 Binary files /dev/null and b/chapter-qkd/chapter.pdf differ diff --git a/chapter-qkd/chapter.tex b/chapter-qkd/chapter.tex index a02b684..e87e757 100644 --- a/chapter-qkd/chapter.tex +++ b/chapter-qkd/chapter.tex @@ -1,7 +1,7 @@ \documentclass[12pt,a4paper,notitlepage]{report} \usepackage[ngerman, english]{babel} \usepackage[utf8]{inputenc} -\usepackage[a4paper, top=2cm, bottom=3.5cm, left=3cm, right=4cm]{geometry} +\usepackage[a4paper, top=2cm, bottom=3.5cm, left=3.5cm, right=5cm]{geometry} % Matti remarkable tablet special size %\usepackage[paperwidth=15cm, paperheight=244mm, top=1cm, bottom=1cm, left=5mm, right=5mm]{geometry} \usepackage[T1]{fontenc} @@ -75,6 +75,9 @@ \newcommand{\degree}{\ensuremath{^\circ}} \newcolumntype{P}[1]{>{\centering\arraybackslash}p{#1}} +\setlength{\marginparwidth}{3cm} +\definecolor{todoboxcolor}{RGB}{251 224 252} +\newcommand{\todo}[1]{\marginpar{\setlength{\fboxsep}{4mm}\colorbox{todoboxcolor}{\parbox{\marginparwidth}{\raggedright\textsf{\small\textbf{To do}\\\footnotesize#1}}}}} \begin{document} \dominitoc 
@@ -170,12 +173,12 @@ is, for an asymmetric cryptosystem susceptible to Shor's algorithm, there is no to be safe. In contrast to this, while Grover's algorithm radically speeds up the breaking of a symmetric cryptosystem, this -speed-up is only quadratic. In practice this means that it halves the security level % FIXME definition, citation of sec. lvl -of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric primitives to a -security level at the lower end of what is considered secure today, the advantage provided by Grover's algorithm can -easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the additional bits -and result in slightly slower operation of the cipher, but this additional cost is easily manageable even without any -improvement in today's hardware. +speed-up is only quadratic. In practice this means that it halves the security level \todo{definition, citation of +security level} of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric +primitives to a security level at the lower end of what is considered secure today, the advantage provided by Grover's +algorithm can easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the +additional bits and result in slightly slower operation of the cipher, but this additional cost is easily manageable +even without any improvement in today's hardware. \section{The Practical Security Implications of Quantum Computing} \label{qc-practical-implications} 
@@ -215,7 +218,7 @@ much larger key and/or ciphertext size and worse performance compared to state-o exchange or signature algorithms, pairing it with a classically secure alternative incurs only a negligible overhead in key storage, network communication and computation costs. -% FIXME TODO research some more policies. +\todo{research some more policies.} \section{The Physics of Quantum Computing} @@ -257,7 +260,8 @@ implementations for their qubits that include photons and squeezed light, but ex various aspects of currents in superconducters into phonons\cite{berriosHighFidelityQuantum2012}. \subsection{Practical Challenges} -% FIXME I don't like this paragraph. +\todo{I don't like this paragraph.} +>>>>>>> b6e2696 (Add todo command) The central challenge in general quantum computers is extending the lifetime of the quantum state encoding a qubit. Quantum states are extremely sensitive to disturbances, and despite the best efforts to shield their quantum states against external influence, their lifetime is still inconveniently short compared to the timescales required for quantum 
@@ -269,8 +273,9 @@ endpoints of the QKD protocol. While QKD systems are easy to build and operationally robust compared to general quantum computers, at their core they still exchange information through quantum states that physically need to transit the distance from one endpoint to the other. For classical computer networks, bridging distances of several hundred kilometers is no big challenge. Using -appropriate high-power transceivers, a single optical link can already bridge upwards of 100km. % FIXME cite -Longer ranges can easily be achieved by either logically chaining multiple links, or by using optical amplifiers. +appropriate high-power transceivers, a single optical link can already bridge upwards of 100km. \todo{Citation on +distance} Longer ranges can easily be achieved by either logically chaining multiple links, or by using optical +amplifiers. In contrast, the quantum states at the core of QKD systems must necessarily be ``weak''. A single quantum state on the wire on average must consist of approximately a single photon. If the system's quantum states consisted of more than one @@ -306,10 +311,10 @@ Decoherence is less relevant for the distance limitation, and mostly limits whic utilized in the first place. Due to decoherence, QKD systems usually use Single-Mode (SM) fiber over Multi-Mode (MM) fiber, and makes it more difficult to utilize Wavelength Division Multiplexing (xWDM) to send multiple either quantum or classical optical signals through a single fiber. -% FIXME go more into the details on xWDM, elaborate on decoherence mechanisms, especially crosstalk in the context of -% xWDM. +\todo{go more into the details on xWDM, elaborate on decoherence mechanisms, especially crosstalk in the context of +xWDM.} -% FIXME CV-QKD +\todo{CV-QKD} \subsection{Relaying} % FIXME (one?) term of the art seems to be "repeater" 
@@ -319,7 +324,7 @@ QKD link. What remains as ways to extend the range of a QKD link are \emph{relay terminated at the relay, and another is started, with the relay proxying information between the two. We can separate relay implementations into two broad categories. -% FIXME mention that one MDI-QKD range doubling hack +\todo{mention that one MDI-QKD range doubling hack} \begin{description} \item[Classical relays] encompass the trivial implementation of a relay, where the QKD link is formed by simply stitching two QKD links together by connecting one link's receiver to the other link's transmitter. The key @@ -367,8 +372,8 @@ revolves around managing the levels of these key stores to avoid depletion. As we discussed above, when it comes down to practical, end-to-end security properties, Quantum Key Distribution removes trust in the hardness of particular mathematical problems (good!), but increases trust in the physical integrity of the transceivers of the QKD link (bad!). In scenarios where the communicating parties are all located -within physical proximity, in QKD meaning within at most a few hundred kilometers from each other depending on secret -key rate requirements, this added trust is of no consequence because the communcating parties' hardware must be trusted +within physical proximity--in QKD, meaning within at most a few hundred kilometers from each other depending on secret +key rate requirements--this added trust is of no consequence because the communcating parties' hardware must be trusted in either QKD-assisted or purely classical setups. However, this trust requirement becomes a burden as soon as at least one party is too far away (or higher secret key rates are required), as now physically trusted relays become necessary. 
@@ -376,15 +381,14 @@ Extrapolating to practical deployments, we can make two predictions. First, as Q actual data transfer still happens through normal off-the-shelf telecommunications components in QKD networks, there is no reason for a practical QKD setup to \emph{not} also use classical cryptography as an additional layer for defense in depth, -% FIXME citation on defense in depth, and on this hybrid scenario +\todo{citation on defense in depth, and on this hybrid scenario} meaning the QKD setup will at worst degrade to the same security a purely classical system would provide, never less. The second prediction we can make is that any practical QKD network will have to use trusted relays to bridge large distances. While in certain specialized applications such as the proposed financial QKD network in Switzerland -% FIXME citation -smaller, isolated networks are conceivable, in every telecommunication system from the telegraph through the telephone -system and up to the internet it has been shown conclusively that there is a real demand for a unified, global -interconnected network. % FIXME citation on historic networks +\todo{citation on swiss deployment} smaller, isolated networks are conceivable, in every telecommunication system from +the telegraph through the telephone system and up to the internet it has been shown conclusively that there is a real +demand for a unified, global interconnected network. \todo{citation on historic networks} In this section, we will outline a solution that provides practical, end-to-end security in large-scale QKD networks by delegating the hardware trust issue of QKD relays to Inertial Hardware Security Modules. The primary design challenges
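Review bot: chapter-qkd/chapter.pdf is added as a new binary file next to chapter.tex. If it is the compiled output of chapter.tex, drop it from this commit and ignore it in .gitignore. A tracked PDF changes on every build and cannot be reviewed as a diff.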
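Review bot: in the @@ -75,6 +75,9 @@ hunk the new \todo macro makes its \parbox the full \marginparwidth and then wraps it in a \colorbox with \fboxsep set to 4mm, so the rendered box is 8mm wider than the 3cm set by \setlength{\marginparwidth}{3cm}. Size the \parbox as \dimexpr\marginparwidth-2\fboxsep\relax so the box fits the margin column. A one-line comment above the macro saying that it replaces the "% FIXME" convention would also help the next reader.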
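Review bot: the @@ -170,12 +173,12 @@ hunk rewraps the whole paragraph to swap one "% FIXME" comment for \todo{definition, citation of security level}, so six lines change where only one differs in content. Keeping the original line breaks and putting the \todo where the comment was would keep the diff to the line that actually changed.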
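Review bot: a leftover conflict marker, ">>>>>>> b6e2696 (Add todo command)", is committed in the @@ -257,7 +260,8 @@ hunk directly after \todo{I don't like this paragraph.}. LaTeX will typeset it as body text at the start of the Practical Challenges subsection. Remove the line and search chapter.tex for matching "<<<<<<<" and "=======" markers, since this hunk's context does not show where the conflict began.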
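Review bot: the conversion is incomplete in the @@ -306,10 +311,10 @@ hunk. The context line under \subsection{Relaying} still reads "% FIXME (one?) term of the art seems to be "repeater"", while the two FIXME comments just above it become \todo. Convert that one as well, otherwise it stays invisible in the PDF and the margin notes are not a complete list of open items.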
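Review bot: the parenthetical in the @@ -367,8 +372,8 @@ hunk is set off with "--" on both sides, which LaTeX renders as an unspaced en dash. Use "---" for an unspaced parenthetical dash, or a spaced " -- " if that is the house style. The second rewritten line also still contains the typo "communcating" (communicating), which is worth fixing while the line is being touched.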