@techreport{vanrein-cert-xover-00,
    number =    {draft-vanrein-cert-xover-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-vanrein-cert-xover/00/},
    author =    {Rick van Rein},
    title =     {{Realm Crossover for PKIX Certificates}},
    pagetotal = 12,
    year =      2021,
    month =     apr,
    day =       4,
    abstract =  {Certificates can express user attributes, but the semantics behind them, especially the validation policy, is not always clear. This specification describes how domains can use their prerogative to define user identities for a recognised domain user. This enables foreign realms to validate the identity of the domain user without with mere certificate logic.},
}