%% You should probably cite draft-ietf-lamps-rfc7030-csrattrs-22 instead of this revision.
@techreport{ietf-lamps-rfc7030-csrattrs-16,
    number =    {draft-ietf-lamps-rfc7030-csrattrs-16},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc7030-csrattrs/16/},
    author =    {Michael Richardson and Owen Friel and David von Oheimb and Dan Harkins},
    title =     {{Clarification and enhancement of RFC7030 CSR Attributes definition}},
    pagetotal = 24,
    year =      2025,
    month =     feb,
    day =       6,
    abstract =  {This document updates RFC7030 (EST) and clarifies how the CSR Attributes Response can be used by an EST server to specify both CSR attribute OIDs and also CSR attribute values, in particular X.509 extension values, that the server expects the client to include in subsequent CSR request. The Enrollment over Secure Transport (EST, RFC7030) is ambiguous in its specification of the CSR Attributes Response. This has resulted in implementation challenges and implementor confusion. As a result of some of the implementation challenges, it came to light that the particular way of that RFC7030 (EST) says to use the CSR attributes was not universally agreed upon. This document therefore also provides a new straightforward approach: using a template for CSR contents that may be partially filled in by the server. This also allows an EST server to specify a subject Distinguished Name (DN).},
}