%% You should probably cite rfc9102 instead of this I-D.
@techreport{dukhovni-tls-dnssec-chain-01,
    number =    {draft-dukhovni-tls-dnssec-chain-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-dukhovni-tls-dnssec-chain/01/},
    author =    {Viktor Dukhovni and Shumon Huque and Willem Toorop and Paul Wouters and Melinda Shore},
    title =     {{The DANE Authentication Chain Extension for TLS}},
    pagetotal = 35,
    year =      2019,
    month =     dec,
    day =       17,
    abstract =  {This draft describes a new TLS extension for in-band transport of the complete set of DNSSEC validated records needed to perform DANE authentication of a TLS server without the need to perform separate out-of-band DNS lookups. When the requisite DNS records do not exist, the extension conveys a validated denial of existence proof.},
}