%% You should probably cite draft-ietf-rats-corim instead of this I-D.
@techreport{birkholz-rats-corim-03,
    number =    {draft-birkholz-rats-corim-03},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-birkholz-rats-corim/03/},
    author =    {Henk Birkholz and Thomas Fossati and Yogesh Deshpande and Ned Smith and Wei Pan},
    title =     {{Concise Reference Integrity Manifest}},
    pagetotal = 32,
    year =      2022,
    month =     jul,
    day =       11,
    abstract =  {Remote Attestation Procedures (RATS) enable Relying Parties to assess the trustworthiness of a remote Attester and therefore to decide whether to engage in secure interactions with it. Evidence about trustworthiness can be rather complex and it is deemed unrealistic that every Relying Party is capable of the appraisal of Evidence. Therefore that burden is typically offloaded to a Verifier. In order to conduct Evidence appraisal, a Verifier requires not only fresh Evidence from an Attester, but also trusted Endorsements and Reference Values from Endorsers and Reference Value Providers, such as manufacturers, distributors, or device owners. This document specifies Concise Reference Integrity Manifests (CoRIM) that represent Endorsements and Reference Values in CBOR format. Composite devices or systems are represented by a collection of Concise Module Identifiers (CoMID) and Concise Software Identifiers (CoSWID) bundled in a CoRIM document.},
}