%% You should probably cite draft-mcguinness-oauth-resource-token-resp-03 instead of this revision.
@techreport{mcguinness-oauth-resource-token-resp-02,
    number =    {draft-mcguinness-oauth-resource-token-resp-02},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-mcguinness-oauth-resource-token-resp/02/},
    author =    {Karl McGuinness and Jared Hanson},
    title =     {{OAuth 2.0 Resource Parameter in Access Token Response}},
    pagetotal = 34,
    year =      ,
    month =     ,
    day =       ,
    abstract =  {This specification defines a new parameter resource to be returned in OAuth 2.0 access token responses. It enables clients to confirm that the issued token is valid for the intended resource. This mitigates ambiguity and certain classes of security vulnerabilities such as resource mix-up attacks, particularly in systems that use the Resource Indicators for OAuth 2.0 specification {[}RFC8707{]}.},
}