%% You should probably cite draft-mattsson-core-coap-attacks instead of this I-D.
@techreport{mattsson-core-coap-actuators-00,
    number =    {draft-mattsson-core-coap-actuators-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-mattsson-core-coap-actuators/00/},
    author =    {John Preuß Mattsson and John Fornehed and Göran Selander and Francesca Palombini},
    title =     {{Controlling Actuators with CoAP}},
    pagetotal = 15,
    year =      2015,
    month =     oct,
    day =       19,
    abstract =  {Being able to trust information from sensors and to securely control actuators is essential in a world of connected and networking things interacting with the physical world. In this memo we show that just using COAP with a security protocol like DTLS or OSCOAP is not enough. We describe several serious attacks any on-path attacker can do, and discuss tougher requirements and mechanisms to mitigate the attacks. While this document is focused on actuators, one of the attacks applies equally well to sensors using DTLS.},
}