%% You should probably cite rfc3748 instead of this I-D.
@techreport{ietf-eap-rfc2284bis-09,
    number =    {draft-ietf-eap-rfc2284bis-09},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-eap-rfc2284bis/09/},
    author =    {John Vollbrecht and James D. Carlson and Larry Blunk and Dr. Bernard D. Aboba and Henrik Levkowetz},
    title =     {{Extensible Authentication Protocol (EAP)}},
    pagetotal = 67,
    year =      2004,
    month =     feb,
    day =       16,
    abstract =  {This document defines the Extensible Authentication Protocol (EAP), an authentication framework which supports multiple authentication methods. EAP typically runs directly over data link layers such as Point-to-Point Protocol (PPP) or IEEE 802, without requiring IP. EAP provides its own support for duplicate elimination and retransmission, but is reliant on lower layer ordering guarantees. Fragmentation is not supported within EAP itself; however, individual EAP methods may support this. This document obsoletes RFC 2284. A summary of the changes between this document and RFC 2284 is available in Appendix A. {[}STANDARDS-TRACK{]}},
}