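%% You should probably cite draft-jaked-cared instead of this I-D.
%% This entry pins revision 00 of draft-tjjk-cared (see `number` and the
%% revision-specific `url`); Internet-Drafts are "Work in Progress" and a
%% later revision or the successor draft may differ from what is cited here.
%% Fields `pagetotal` and `day` are not standard classic-BibTeX fields and
%% are ignored by classic styles; they are kept for biblatex consumers.
@techreport{tjjk-cared-00,
  author      = {Jensen, Tommy and Krynitsky, Jessica and Damick, Jeffrey and Engskow, Matt},
  title       = {Client Authentication Recommendations for Encrypted {DNS}},
  type        = {Internet-Draft},
  number      = {draft-tjjk-cared-00},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2024,
  month       = jun,
  day         = 27,
  pagetotal   = 11,
  note        = {Work in Progress},
  url         = {https://datatracker.ietf.org/doc/draft-tjjk-cared/00/},
  abstract    = {For privacy reasons, encrypted DNS clients need to be anonymous to their encrypted DNS servers to prevent third parties from correlating client DNS queries with other data for surveillance or data mining purposes. However, there are cases where the client and server have a pre-existing relationship and each peer wants to prove its identity to the other. For example, an encrypted DNS server may only wish to accept resolutions from encrypted DNS clients that are managed by the same enterprise. This requires mutual authentication. This document defines when using client authentication with encrypted DNS is appropriate, the benefits and limitations of doing so, and the recommended authentication mechanism(s) when communicating with TLS-based encrypted DNS protocols.},
}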