%% You should probably cite rfc8613 instead of this I-D.
@techreport{ietf-core-object-security-16,
    number =    {draft-ietf-core-object-security-16},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-core-object-security/16/},
    author =    {Göran Selander and John Preuß Mattsson and Francesca Palombini and Ludwig Seitz},
    title =     {{Object Security for Constrained RESTful Environments (OSCORE)}},
    pagetotal = 94,
    year =      2019,
    month =     mar,
    day =       6,
    abstract =  {This document defines Object Security for Constrained RESTful Environments (OSCORE), a method for application-layer protection of the Constrained Application Protocol (CoAP), using CBOR Object Signing and Encryption (COSE). OSCORE provides end-to-end protection between endpoints communicating using CoAP or CoAP-mappable HTTP. OSCORE is designed for constrained nodes and networks supporting a range of proxy operations, including translation between different transport protocols. Although an optional functionality of CoAP, OSCORE alters CoAP options processing and IANA registration. Therefore, this document updates RFC 7252.},
}