%% You should probably cite draft-dukhovni-tls-dnssec-chain instead of this I-D. @techreport{ietf-tls-dnssec-chain-extension-00, number = {draft-ietf-tls-dnssec-chain-extension-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-tls-dnssec-chain-extension/00/}, author = {Melinda Shore and Richard Barnes and Shumon Huque and Willem Toorop}, title = {{A DANE Record and DNSSEC Authentication Chain Extension for TLS}}, pagetotal = 12, year = 2016, month = jun, day = 4, abstract = {This draft describes a new TLS extension for transport of a DNS record set serialized with the DNSSEC signatures needed to authenticate that record set. The intent of this proposal is to allow TLS clients to perform DANE authentication of a TLS server certificate without needing to perform additional DNS record lookups. It will typically not be used for general DNSSEC validation of TLS endpoint names.}, }