%% You should probably cite rfc9175 instead of this I-D.
@techreport{ietf-core-echo-request-tag-14,
    number =    {draft-ietf-core-echo-request-tag-14},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-core-echo-request-tag/14/},
    author =    {Christian Amsüss and John Preuß Mattsson and Göran Selander},
    title =     {{Constrained Application Protocol (CoAP): Echo, Request-Tag, and Token Processing}},
    pagetotal = 27,
    year =      2021,
    month =     oct,
    day =       4,
    abstract =  {This document specifies enhancements to the Constrained Application Protocol (CoAP) that mitigate security issues in particular use cases. The Echo option enables a CoAP server to verify the freshness of a request or to force a client to demonstrate reachability at its claimed network address. The Request-Tag option allows the CoAP server to match block-wise message fragments belonging to the same request. This document updates RFC 7252 with respect to the following: processing requirements for client Tokens, forbidding non-secure reuse of Tokens to ensure response-to-request binding when CoAP is used with a security protocol, and amplification mitigation (where the use of the Echo option is now recommended).},
}