@techreport{malbrain-tls-strong-authentication-01,
    number =    {draft-malbrain-tls-strong-authentication-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-malbrain-tls-strong-authentication/01/},
    author =    {Karl Malbrain},
    title =     {{Problem Statement: Deployment of TLS Strong Authentication}},
    pagetotal = 6,
    year =      2013,
    month =     sep,
    day =       23,
    abstract =  {The security provided by authenticated TLS connection between clients and servers should protect both parties from "Man-in- the-Middle" (MITM) attacks. Clients should be authenticating that their server connection is to the server they requested. Servers that act as client agents need to authenticate that the connection is directly to their client secure against eavesdropping or account/password hacking. An extension to the Domain Name System (DNS), The DNS-Based Authentication of Named Entities (DANE) (RFC 6698), allows TLS servers to publish their public certificates for use by TLS clients to authenticate the server connection.},
}