Skip to content

Lead Verifier: support “dynamic" verification algorithm in the Veraison client plugin #375

New issue
New issue
Open
Feature
Open
Lead Verifier: support “dynamic" verification algorithm in the Veraison client plugin#375
Feature
Labels
multi-verifiermulti-verifier support
@yogeshbdeshpande

Description

@yogeshbdeshpande
yogeshbdeshpande
opened on Jan 29, 2026

The Veraison client plugin should be able to determine the signature algorithm used by the downstream verifier dynamically.

Currently, the value is hardcoded.

There are a few ways to address this issue:

  • Extract the alg header from the EAR.
  • Supply the algorithm as part of the plugin configuration blob.
  • Expand the discovery object to return the signature algorithm identifier alongside the public key.

If we opt for the first option, it will be dealt with entirely in veraison/ear. The other two options are veraison/services only.

EDIT(@thomas-fossati): added more details.

Metadata

Metadata

Assignees

No one assigned

    Labels

    multi-verifiermulti-verifier support

    Type

    Feature

    Projects

    Lead Verifier Implementation

    Status

    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions