TrustStore: Verifier implementation #3119

@oncilla

The trust store needs to provide a verifier that is capable of verifying signatures based on the certificate chains present in the trust store.

Verifier properties:

  • The verifier should be a struct that implements the infra.Verifier interface (see go/lib/infra/common.go).
  • The verifier should live inside go/lib/infra/modules/trust/v2/verifier.go.
  • For the first simple implementation, the verifier fetches the chain from the store (through the CryptoProvider) and simply verifies the signature based on the signing key authenticated by the certificate chain. The CryptoProvider already takes care of checking that the certificate chain is active.

Verifier clients:

  • The verifier is used by other packages to verify control plane messages, e.g. path segments (see: usage of infra.Verifier).

Existing code:

Labels: c/CPPKI (SCION Control-plane PKI), feature (New feature or request)
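
An added sketch of the "first simple implementation" described in the issue, not code from the SCION repository. `Chain`, `CryptoProvider.GetChain`, `memStore`, `ErrVerify`, the `Verify` signature and the choice of Ed25519 are assumptions made for illustration and do not reproduce the infra.Verifier interface; the key and ISD-AS values are constructed.

```go
package main

import (
	"context"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Chain is a simplified stand-in for a certificate chain (hypothetical type).
type Chain struct {
	Subject    string            // entity the chain authenticates
	SigningKey ed25519.PublicKey // key certified by the chain
}

// CryptoProvider is a hypothetical reduced lookup, assumed to return only active chains.
type CryptoProvider interface {
	GetChain(ctx context.Context, subject string) (*Chain, error)
}

// memStore is a constructed in-memory provider; unknown subjects yield a nil chain.
type memStore map[string]*Chain
func (m memStore) GetChain(_ context.Context, s string) (*Chain, error) { return m[s], nil }

var ErrVerify = errors.New("verification failed") // wraps every rejection
type Verifier struct{ Store CryptoProvider }

// Verify fails closed. The length check matters: ed25519.Verify panics on a malformed key.
func (v Verifier) Verify(ctx context.Context, src string, msg, sig []byte) error {
	chain, err := v.Store.GetChain(ctx, src)
	if err != nil {
		return fmt.Errorf("%w: chain for %s: %v", ErrVerify, src, err)
	}
	if chain == nil || chain.Subject != src || len(chain.SigningKey) != ed25519.PublicKeySize {
		return fmt.Errorf("%w: unusable chain for %s", ErrVerify, src)
	}
	if !ed25519.Verify(chain.SigningKey, msg, sig) {
		return fmt.Errorf("%w: bad signature from %s", ErrVerify, src)
	}
	return nil
}

// demo checks a valid message, a tampered one and an unknown source (all constructed).
func demo() (valid, tampered, unknown error) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // fixed test key
	src, msg, ctx := "1-ff00:0:110", []byte("path segment"), context.Background()
	v, sig := Verifier{memStore{src: {src, priv.Public().(ed25519.PublicKey)}}}, ed25519.Sign(priv, msg)
	return v.Verify(ctx, src, msg, sig), v.Verify(ctx, src, []byte("tampered"), sig), v.Verify(ctx, "1-ff00:0:111", msg, sig)
}

func main() { fmt.Println(demo()) }
```

Every rejection wraps `ErrVerify`, so a caller can treat lookup failures, mismatched chains and bad signatures uniformly with `errors.Is`.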