%% You should probably cite draft-ietf-httpbis-cookie-same-site instead of this I-D.
@techreport{west-first-party-cookies-04,
    number =    {draft-west-first-party-cookies-04},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-west-first-party-cookies/04/},
    author =    {Mike West and Mark Goodwin},
    title =     {{First-Party-Only Cookies}},
    pagetotal = 13,
    year =      2015,
    month =     sep,
    day =       8,
    abstract =  {This document updates RFC6265 by defining a "First-Party-Only" attribute which allows servers to assert that a cookie ought to be sent only in a "first-party" context. This assertion allows user agents to mitigate the risk of cross-origin information leakage, and provides some minimal protection against cross-site request forgery attacks.},
}