%% You should probably cite rfc6698 instead of this I-D.
@techreport{ietf-dane-protocol-16,
    number =    {draft-ietf-dane-protocol-16},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-dane-protocol/16/},
    author =    {Jakob Schlyter and Paul E. Hoffman},
    title =     {{Using Secure DNS to Associate Certificates with Domain Names For TLS}},
    pagetotal = 27,
    year =      ,
    month =     ,
    day =       ,
    abstract =  {TLS and DTLS use PKIX certificates for authenticating the server. Users want their applications to verify that the certificate provided by the TLS server is in fact associated with the domain name they expect. TLSA provides bindings of keys to domains that are asserted not by external entities, but by the entities that operate the DNS. This document describes how to use secure DNS to associate the TLS server's certificate with the intended domain name.},
}