%% You should probably cite draft-ietf-oauth-token-binding-08 instead of this revision.
@techreport{ietf-oauth-token-binding-05,
    number =    {draft-ietf-oauth-token-binding-05},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-oauth-token-binding/05/},
    author =    {Michael B. Jones and Brian Campbell and John Bradley and William Denniss},
    title =     {{OAuth 2.0 Token Binding}},
    pagetotal = 30,
    year =      ,
    month =     ,
    day =       ,
    abstract =  {This specification enables OAuth 2.0 implementations to apply Token Binding to Access Tokens, Authorization Codes, Refresh Tokens, JWT Authorization Grants, and JWT Client Authentication. This cryptographically binds these tokens to a client's Token Binding key pair, possession of which is proven on the TLS connections over which the tokens are intended to be used. This use of Token Binding protects these tokens from man-in-the-middle and token export and replay attacks.},
}