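%% You should probably cite draft-wilson-dane-pkix-cd-02 instead of this revision.
%%
%% Revision 01 of the Internet-Draft on certificate discovery with DANE TLSA
%% records. The note field marks it "Work in Progress", so this pins one
%% specific revision of a working document; check the datatracker URL below
%% for the current revision before citing.
%% Per the abstract, the draft also covers PKIX validation of TLSA records
%% queried without DNSSEC.
%% Only the acronyms in the title are brace-protected, so a bibliography
%% style can still apply its own casing to the remaining words.
@techreport{wilson-dane-pkix-cd-01,
  author      = {Wilson, Ash and Huque, Shumon},
  title       = {{PKI}-Authenticated Certificate Discovery Using {DANE} {TLSA} records},
  type        = {Internet-Draft},
  number      = {draft-wilson-dane-pkix-cd-01},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2021,
  month       = apr,
  day         = 14,
  pagetotal   = 9,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-wilson-dane-pkix-cd/01/},
  abstract    = {The DNS-Based Authentication of Named Entities (DANE) TLSA specification {[}RFC6698{]} and The DNS-Based Authentication of Named Entities (DANE) Protocol: Updates and Operational Guidance {[}RFC7671{]} describe how to publish Transport Layer Security (TLS) server certificates or public keys in the DNS. This document updates {[}RFC6698{]} and {[}RFC7671{]}. It describes how to use the TLSA record to enable entity and CA certificate discovery for object security and trust chain discovery use cases, and how to use PKIX validation for TLSA records queried without the benefit of DNSSEC.},
}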