%% You should probably cite draft-ietf-lamps-csr-attestation instead of this I-D.
@techreport{ounsworth-csr-attestation-00,
    number =    {draft-ounsworth-csr-attestation-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ounsworth-csr-attestation/00/},
    author =    {Mike Ounsworth and Hannes Tschofenig},
    title =     {{Use of Attestation with Certification Signing Requests}},
    pagetotal = 15,
    year =      2023,
    month =     jul,
    day =       8,
    abstract =  {Utilizing information from a device or hardware security module about its posture can help to improve security of the overall system. Information about the manufacturer of the hardware, the version of the firmware running on this hardware and potentially about the layers of software above the firmware, the presence of hardware security functionality to protect keys and many more properties can be made available to remote parties in a cryptographically secured way. This functionality is accomplished with attestation technology. This document describes extensions to encode evidence produced by an attester for inclusion in PKCS10 certificate signing requests. More specifically, two new ASN.1 Attribute definitions, and an ASN.1 CLASS definition to convey attestation information to a Registration Authority or to a Certification Authority are described.},
}