%% You should probably cite draft-ietf-lamps-cert-binding-for-multi-auth instead of this I-D.
@techreport{becker-guthrie-cert-binding-for-multi-auth-00,
    number =    {draft-becker-guthrie-cert-binding-for-multi-auth-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-becker-guthrie-cert-binding-for-multi-auth/00/},
    author =    {Alison Becker and Rebecca Guthrie and Michael J. Jenkins},
    title =     {{Binding Certificates for Multiple Authentications within a Protocol}},
    pagetotal = 8,
    year =      2022,
    month =     mar,
    day =       21,
    abstract =  {This document defines a new CSR attribute, bindingRequest, and a new X.509 certificate extension, BoundCertificates. The use of the bindingRequest attribute in a CSR and the inclusion of the BoundCertificates extension in the resulting certificate together provide additional assurance that multiple certificates each belong to the same end entity. This mechanism is particularly useful in the context of non-composite hybrid authentication, which enables users to employ the same certificates in hybrid authentication as in authentication done with only traditional or PQ algorithms.},
}