%% You should probably cite draft-williams-kitten-krb5-pkcross-05 instead of this revision.
@techreport{williams-kitten-krb5-pkcross-02,
    number =    {draft-williams-kitten-krb5-pkcross-02},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-williams-kitten-krb5-pkcross/02/},
    author =    {Nicolás Williams},
    title =     {{Public Key-Based Kerberos Cross Realm Path Traversal Protocol Using Kerberized Certification Authorities (kx509) and PKINIT}},
    pagetotal = 14,
    year =      2013,
    month =     aug,
    day =       13,
    abstract =  {This document specifies a protocol for obtaining cross-realm Kerberos tickets using existing, related protocols: kerberized certification authorities (kx509) and public key cryptography initial authentication in Kerberos (PKINIT). The resulting protocol has a number of desirable security properties, including privacy protection for the user relative to their home realm's infrastructure, as well a support for leap-of-faith trust establishment, and automated cross- realm keying. This protocol allows Kerberos to scale to large numbers of realms.},
}