%% You should probably cite rfc8225 instead of this I-D.
@techreport{ietf-stir-passport-09,
    number =    {draft-ietf-stir-passport-09},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-stir-passport/09/},
    author =    {Chris Wendt and Jon Peterson},
    title =     {{Personal Assertion Token (PASSporT)}},
    pagetotal = 21,
    year =      2016,
    month =     oct,
    day =       18,
    abstract =  {This document defines a method for creating and validating a token that cryptographically verifies an originating identity, or more generally a URI or telephone number representing the originator of personal communications. The PASSporT token is cryptographically signed to protect the integrity of the identity the originator and to verify the assertion of the identity information at the destination. The cryptographic signature is defined with the intention that it can confidently verify the originating persona even when the signature is sent to the destination party over an insecure channel. PASSporT is particularly useful for many personal communications applications over IP networks and other multi-hop interconnection scenarios where the originating and destination parties may not have a direct trusted relationship.},
}