%% You should probably cite draft-ietf-httpbis-cookie-same-site instead of this I-D.
@techreport{west-first-party-cookies-06,
    number =    {draft-west-first-party-cookies-06},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-west-first-party-cookies/06/},
    author =    {Mike West and Mark Goodwin},
    title =     {{Same-site Cookies}},
    pagetotal = 13,
    year =      2016,
    month =     jan,
    day =       25,
    abstract =  {This document updates RFC6265 by defining a "SameSite" attribute which allows servers to assert that a cookie ought not to be sent along with cross-site requests. This assertion allows user agents to mitigate the risk of cross-origin information leakage, and provides some protection against cross-site request forgery attacks.},
}