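%% You should probably cite rfc7627 instead of this I-D.
%% Datatracker export reformatted: one field per line, names in "Last, First"
%% form, only the acronym/protocol name brace-protected in the title (the
%% original double-braced the whole title, which defeats style casing), and a
%% hyphenation artifact ("man-in-the- middle") in the abstract repaired.
%% `day` and `pagetotal` are biblatex fields; classic BibTeX styles ignore them.
@techreport{ietf-tls-session-hash-03,
  author      = {Bhargavan, Karthikeyan and Delignat-Lavaud, Antoine and Pironti, Alfredo and Langley, Adam and Ray, Marsh},
  title       = {{Transport Layer Security} ({TLS}) Session Hash and Extended Master Secret Extension},
  type        = {Internet-Draft},
  number      = {draft-ietf-tls-session-hash-03},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2014,
  month       = nov,
  day         = 12,
  pagetotal   = 11,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/03/},
  abstract    = {The Transport Layer Security (TLS) master secret is not cryptographically bound to important session parameters. Consequently, it is possible for an active attacker to set up two sessions, one with a client and another with a server, such that the master secrets on the two sessions are the same. Thereafter, any mechanism that relies on the master secret for authentication, including session resumption, becomes vulnerable to a man-in-the-middle attack, where the attacker can simply forward messages back and forth between the client and server. This specification defines a TLS extension that contextually binds the master secret to a log of the full handshake that computes it, thus preventing such attacks.},
}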