Great question — That paper is a discussion on parameter selection suggestions not meeting security requirement definitions and doesn’t “largely dismiss” CSIDH. Parameter selection is a significant issue which we will need to look into before we make decisions regarding next steps. We’ve not committed to CSIDH for this reason and we also want to re-evaluate all the recent research in the field before making a final decision.
With respect to why choose it over others, the primary reason is the key sizes as they fit into a single packet. The engineering to work around the large key sizes in the other algorithms and the associated inefficiencies are significant. For example, NTRU’s key sizes are ~2k bytes and CRYSTALS-Kyber’s are ~1k bytes. It’s possible we’ll be using one of these for our link layer as soon as they are available in a hybrid form, but it is harder to work with these key exchange systems over cMix.
There is also good reason to be skeptical of NIST, and It’s clearer (to me at least) why SI as a technical approach is quantum resistant to me than it is for other approaches.